The Chinese Military Never Backs Hacking Activities

Recently, a certain US cyber security company issued a report claiming that hackers related to the Chinese military attacked US websites. This accusation immediately attracted intensive attention from the international community. Is it true that the Chinese military has offered support to and even participated in hacking activities? How should the company and media's accusation be read? People's Daily interviewed relevant departments and experts.

Is the Chinese military involved in hacker attacks?

As one of the major victims of cyber attacks, the Chinese Government and military are firmly opposed to hacking activities.

In response to foreign media reports on Chinese military involvement in cyber hacking attacks, the Information Office of the Ministry of National Defense said on Feb. 20 that cyber attacks are a global problem. Chinese laws forbid any practices that endanger cyber security, including such hacking attacks. The Chinese Government always firmly cracks down on such criminal activities. The Chinese military has never supported any hacking activities in any form. Thus, it is neither professional nor responsible to make groundless accusations against the Chinese military.

China is among the major victims of cyber attacks. According to a report by the National Computer Network Emergency Response Technical Team Coordination Center of China, in 2012, 73,000 overseas IP addresses were involved in the control of more than 14 million hosts in China as Trojan or Botnet command and control servers while 32,000 IP addresses conducted remote control over nearly 38,000 websites in China through backdoor implantation. The IP addresses show that the United States ranked the first among the origins of the above cyber attacks, but China has not criticized the US side about it.

The Information Office of the Ministry of National Defense said China has always attached great importance to international cooperation on cyberspace and joint strikes on cyber crimes. The Chinese Ministry of Public Security has assisted more than 50 countries and regions in investigating some 1,100 cases of cyber crime since 2004. China has established bilateral law enforcement cooperation with over 30 countries and regions, including the United States and Britain, and has also signed bilateral judicial cooperation treaties. China has well-developed mechanisms for cracking down on cyber crimes and hacker attacks.

The Chinese side hopes the problem will be solved through normal legal cooperation. To unilaterally and openly scold others in the media will not help solve the problem, but instead will damage the atmosphere of cooperation.

Hong Lei, spokesperson of China's Foreign Ministry, said in a regular press conference on Feb. 19, 2013 that it is unprofessional and irresponsible for the US side to accuse China without evidence. The problem should be solved through constructive international cooperation on the basis of mutual trust and respect. The Chinese Government has always firmly opposed and cracked down on cyber attacks.

What is the evidence of the cyber attacks?

The US cyber security company's report has no compellent evidence. Accurate location of the attack source requires transnational and multi-department cooperation.

Wu Chengrong, associate professor of the School of Computer Science at Fudan University, said technically speaking, the tools depicted by the cyber company Mandiant are quite advanced with effective methods of cyber attacks. However, to make the conclusion that they are "Chinese military-backed hackers" just by several IP addresses is groundless.

Wu adds that cyber attackers always try to conceal their real address identities. Therefore, transnational cooperation among various departments is necessary to locate the source of attacks. However, only one cyber company has an internal record, even without monitoring data from telecommunications departments. Besides, there exists a big gap between China and the United States in information of security and cyber defense technologies. If the government does offer support to hacker attacks, given the fact that the United States is superior in technologies like operating systems, client terminal softwares, etc., and possesses internet strategic resources like root servers, it's difficult for China to win the battle.

According to Professor Xue Zhi, Vice Dean of the College of Information Security, Shanghai Jiaotong University, on the eve of China's Lunar New Year of 2010, the US media claimed that the college and Shandong Lanxiang Vocational School were Chinese hackers' "major camp," just because of an IP address that sent e-mails containing viruses. However, Shanghai Jiaotong University investigated that the IP address came from a computer in a student's dormitory. After this computer got infected by Trojan viruses, it became a "zombie." There are tens of thousands of such "zombie computers," and it's not easy to find out which one is the real operating computer and which are being manipulated.

The Information Office of the Ministry of National Defense also pointed out that cyber attacks are always transnational, anonymous and deceptive, with their source often difficult to identify. Mandiant's report lacks a legal basis to assert cyber espionage by the Chinese military only by cataloguing some routine cyber activities.

Why do such frequent reports appear?

It is due to the government's budget constraints and commercial interests.

Shen Yi, a PhD scholar from the School of International Relations and Public Affairs, Fudan University, told People's Daily, it's interesting to note that the writer of Mandiant's report used to work in the US air force intelligence agency. Later, he worked with arms dealer Lockheed Martin and cyber company Mandiant. Lockheed Martin is the largest US arms dealer and defense contractor, which claimed in May 2011 that it was attacked by hackers. This incident was later groundlessly accused as, "Chinese hackers attack the US Department of National Defense."

"This year's report is repeating old accusations, only that they have added some ambiguous details. For example, it issued the names of network security agencies under China's Central Military Commission, and moved the address of military hackers to Shanghai, so as to increase the credibility of their claims."

Shen said some of the details provided by this report are untrue. For example, a Google search of "the Second Bureau of the Third Department of the General Staff Headquarters" and "PLA Unit 61398," does not find useful results. However, according to these key words, one can find a lot of "network articles." He guessed that the report might have borrowed information from these network stories. Shen added that the Pentagon once pictured "crabs at deep sea" which appears in a science fiction on the campus website of China's Tsinghua University, as a submarine attack that China had planned. Besides, the Pentagon used a Chinese professor's article on certain media as evidence that "China is to change the policy that it will not use nuclear weapons ahead of others."

In order to expand its cyber army scale and purchase weapons from private companies, the US Department of Defense needs a plausible excuse to convince the public. Commercial benefits attracted relevant companies to plan together with the US government that the country is faced with enemies and threats. This is decided by the US government's budget system, said Shen.

"The US side's repeated release of reports of Chinese hackers attacking US information security is a reflection of their lack of strategic trust in China and their anxiety concerning national security."


Copyright © China Internet Information Center. All Rights Reserved
E-mail: webmaster@china.org.cn Tel: 86-10-88828000