Ranked in front of banks of computer screens in the large, fluorescent-lit offices of the Tenth Bureau, the highly secret department responsible for science and technology, thousands of cyber spies are at work. The hackers, mainly graduates in their twenties, work in eight-hour shifts, 24 hours a day, seven days a week, as part of an unrelenting Blitzkrieg against Britain and other Western countries.
This is warfare without boundaries, and its tactics will dictate the way in which future conflicts are fought.
Chinese cyber spies are under strict orders to target any organisation, from government departments to hedge funds, whose secrets may benefit the communist state, launching as many as 1,000 attacks every day against the UK alone.
Britain’s Ministry of Defence, one of the prime targets, was alone the victim of more than 1,000 cyber attacks last year, and although no official will admit it publicly, the Chinese are the main culpritsMuch is often made of computer geeks such as 19-year-old Ryan Cleary who is accused of being a “major player” in LulzSec, the group that has been linked with attacks on computer networks belonging to the CIA, the police and the US Senate.
But it is the Chinese and the Russians who are the real worry for MI5 and the cyber warfare chiefs at the Government Communication Headquarters (GCHQ) in Cheltenham.
“The Chinese are after every secret the UK possesses,” one senior security official told The Sunday Telegraph. “The main challenge for the Chinese at the moment is not how to steal the secrets but what to do with all the information they now possess. The Chinese have stolen so much information that it is taking them a long time to sift through it to find what is really useful to them. Some of the attacks are highly precise – with others, it’s just trawling – but that provides a measure of their capability.”
For Britain’s spy chiefs the cyber war with China is more than just an irritating distraction from its main focus of trying to prevent an attack from al-Qaeda. Last year, cyber crime cost the British economy £21billion, according to one industry report. But it is widely accepted that the figure could be much higher.
In 2009, a foreign intelligence agency infiltrated the Pentagon’s £200billion Joint Strike Fighter project, the US defence department’s costliest weapons programme in history. Cyber spies stole data relating to the aircraft’s design and electronic system. Officials said the attacks appeared to originate from China. The Chinese have denied any knowledge of the attack.
Google, the Pentagon, Chinese dissidents, the defence and oil industries and the UN have all had their computer systems hacked. China is believed to be behind most, if not all, of the attacks. While the financial cost is a worry, the real concern is the impact cyber warfare will have in a military conflict. Whether or not the subject will be discussed when Wen Jiabao, the Chinese premier, meets the Prime Minister tomorrow remains to be seen.
Cyber attacks include acts of cyber war, terrorism, espionage, crime, protest, theft and vandalism. Lines between categories are often blurred, and it is difficult to identify the perpetrators or understand their motives. But it is not just the Chinese who dabble in cyber warfare – the Russians are pretty expert, too.
For example, there is still some debate over whether the 2007 cyber attacks that closed down Estonian government networks were acts of cyber warfare by the Russian government, or acts of political protest by hackers. Both Russia and China are known to route their attacks through different states, which makes identifying who is behind a specific attack difficult. Both countries are also known to use the services of sophisticated criminal gangs acting as contract cyber hackers, who, for a fee, will target a government of choice.
One of the classic forms of attack is the use of a bot, a virus embedded into an email sent to attract the attention of a specific individual. Once the email is opened, the laptop becomes “infected” and can be controlled by an outside agency.
One security source told The Sunday Telegraph the story of an arms dealer who unwittingly opened a bot. From that moment on, a foreign spy agency, believed to be the Russians, managed to take control of his computer.
“The hackers had control of his email, diary and stored files. They were able to switch on his computer when he was in a meeting and record entire events.”
Another government security official added: “There have been a lot of UK companies who have been turned over very badly and lost a lot of money. At the moment the Chinese are concentrating on economic targets. They are trying to get access to negotiating positions, economic performance targets, anything that gives them the upper hand, whereas Russia is primarily interested in energy and defence.”
The Government acknowledged the size of the threat to the UK last year when cyber security was finally classified as a “tier one” priority. The move resulted in an extra £650million being allocated to create a national cyber security programme and a new cyber operations group under the command of Major General Jonathan Shaw, who is tasked with making sure that Britain has the same command and control structure for cyber operations as it does for conventional operations.
The UK is also developing a cyber weapons programme that will give ministers an attacking capability to help counter cyber threats to national security.
Whitehall officials have recently revealed that the UK needs a new range of offensive options. The nature of the weapons being developed is top secret, but it is understood that the Cabinet Office and the Cyber Security Operations Centre at GCHQ have taken the lead on the issue.
The rise of cyber warfare has also led to the unlikely consequence of IT becoming “sexy”, according to one security source. Graduate software engineers, mathematicians, communications specialists and even reformed hackers are now in great demand by GCHQ as it begins to develop its own secret army to counter the threat.
And time is running out. The potential damage caused by highly sophisticated computer viruses was underlined last year with the discovery of the Stuxnet virus, which disrupted Iran’s uranium enrichment programme. The Iranians have accused the Israelis and the US of designing and deploying Stuxnet, which set some of their centrifuges spinning out of control. Experts have described the virus as being so technically advanced that is was beyond any threat seen in the past.
The defensive capabilities that cyberspace offers were demonstrated by a hacking team from GCHQ who last month hacked into an al-Qaeda online magazine and replaced bomb-making instructions with a recipe for cupcakes. When followers tried to download the 67-page colour magazine, instead of instructions about how to “Make a bomb in the Kitchen of your Mom” by “The AQ Chef”, they were greeted with garbled computer code. The code, which had been inserted into the original magazine by the British intelligence hackers, was actually a web page of recipes for “The Best Cupcakes in America”.
Strategists believe cyber warfare will play a major role in the early stages of a state-on-state attack. Imagine, for a moment, the advantage to one nation if it could disable an adversary’s electricity network, communication and air traffic control systems in the weeks prior to an attack.
Indeed, the war between Russia and Georgia, in 2008, saw the first use of cyber warfare in a state-on-state conflict. The war began on the night of August 7 after Georgia launched a large-scale military offensive against the separatist state of South Ossetia. Russia intervened on the side of South Ossetia, but prior to the attack, covert cyber units began infiltrating Georgian computer networks. When fighting broke out on August 8, the Russians caused panic in Georgia in a series of “denial of service” attacks that closed down large parts of the country’s computer network. The attacks showed how conventional and asymmetric tactics can complement one another in modern battlefields, setting the template for future conflicts.
Despite the rapidly growing nature of the threat, there is disagreement over which strategy should be adopted to prevent a similar attack against the UK. Nick Harvey, the Liberal Democrat defence minister, recently said: “Digital networks are now at the heart of our transport, power and communications systems, and our economy as a whole. This reliance brings the capacity for warfare to cyberspace. The consequences of a well-planned, well-executed attack against our digital infrastructure could be catastrophic. A single networked laptop might be as effective a weapon as, say, a cruise missile.
“In the military sphere, whenever a new domain opens up, like air and space-flight in the last century, the temptation is to devise wholly separate doctrines to address the new environment,” he continues. “But we must remember that cyber crime, cyber terrorism, cyber espionage, or cyber war, are simply crime, terrorism, espionage or war by other means.”
Lord Reid of Cardowan, the former Labour defence secretary, disagrees. “The nature of cyberspace means that imposing the old doctrines that served our defence will not work. Until we recognise that, we risk succumbing to a dangerous degree of cyber complacency.
“The transnational cyber environment is largely impervious to inherited legal frameworks. For instance, it is a great leap to assume that a cyber attack would fit neatly within the UN charter’s definition of ‘armed attack’. Moreover, the cyber world’s diffuse empowerment of individuals, corporations and non-state actors can render traditional political structures and approaches impotent.”
Whichever strategic approach the UK adopts, one fact is clear: the shock troops of the first cyber war will not be drawn from the Paras or the Marines who fought in Helmand, but from the X-Box generation who learnt their hacking skills in dark bedrooms.
But it is the Chinese and the Russians who are the real worry for MI5 and the cyber warfare chiefs at the Government Communication Headquarters (GCHQ) in Cheltenham.
“The Chinese are after every secret the UK possesses,” one senior security official told The Sunday Telegraph. “The main challenge for the Chinese at the moment is not how to steal the secrets but what to do with all the information they now possess. The Chinese have stolen so much information that it is taking them a long time to sift through it to find what is really useful to them. Some of the attacks are highly precise – with others, it’s just trawling – but that provides a measure of their capability.”
For Britain’s spy chiefs the cyber war with China is more than just an irritating distraction from its main focus of trying to prevent an attack from al-Qaeda. Last year, cyber crime cost the British economy £21billion, according to one industry report. But it is widely accepted that the figure could be much higher.
In 2009, a foreign intelligence agency infiltrated the Pentagon’s £200billion Joint Strike Fighter project, the US defence department’s costliest weapons programme in history. Cyber spies stole data relating to the aircraft’s design and electronic system. Officials said the attacks appeared to originate from China. The Chinese have denied any knowledge of the attack.
Google, the Pentagon, Chinese dissidents, the defence and oil industries and the UN have all had their computer systems hacked. China is believed to be behind most, if not all, of the attacks. While the financial cost is a worry, the real concern is the impact cyber warfare will have in a military conflict. Whether or not the subject will be discussed when Wen Jiabao, the Chinese premier, meets the Prime Minister tomorrow remains to be seen.
Cyber attacks include acts of cyber war, terrorism, espionage, crime, protest, theft and vandalism. Lines between categories are often blurred, and it is difficult to identify the perpetrators or understand their motives. But it is not just the Chinese who dabble in cyber warfare – the Russians are pretty expert, too.
For example, there is still some debate over whether the 2007 cyber attacks that closed down Estonian government networks were acts of cyber warfare by the Russian government, or acts of political protest by hackers. Both Russia and China are known to route their attacks through different states, which makes identifying who is behind a specific attack difficult. Both countries are also known to use the services of sophisticated criminal gangs acting as contract cyber hackers, who, for a fee, will target a government of choice.
One of the classic forms of attack is the use of a bot, a virus embedded into an email sent to attract the attention of a specific individual. Once the email is opened, the laptop becomes “infected” and can be controlled by an outside agency.
One security source told The Sunday Telegraph the story of an arms dealer who unwittingly opened a bot. From that moment on, a foreign spy agency, believed to be the Russians, managed to take control of his computer.
“The hackers had control of his email, diary and stored files. They were able to switch on his computer when he was in a meeting and record entire events.”
Another government security official added: “There have been a lot of UK companies who have been turned over very badly and lost a lot of money. At the moment the Chinese are concentrating on economic targets. They are trying to get access to negotiating positions, economic performance targets, anything that gives them the upper hand, whereas Russia is primarily interested in energy and defence.”
The Government acknowledged the size of the threat to the UK last year when cyber security was finally classified as a “tier one” priority. The move resulted in an extra £650million being allocated to create a national cyber security programme and a new cyber operations group under the command of Major General Jonathan Shaw, who is tasked with making sure that Britain has the same command and control structure for cyber operations as it does for conventional operations.
The UK is also developing a cyber weapons programme that will give ministers an attacking capability to help counter cyber threats to national security.
Whitehall officials have recently revealed that the UK needs a new range of offensive options. The nature of the weapons being developed is top secret, but it is understood that the Cabinet Office and the Cyber Security Operations Centre at GCHQ have taken the lead on the issue.
The rise of cyber warfare has also led to the unlikely consequence of IT becoming “sexy”, according to one security source. Graduate software engineers, mathematicians, communications specialists and even reformed hackers are now in great demand by GCHQ as it begins to develop its own secret army to counter the threat.
And time is running out. The potential damage caused by highly sophisticated computer viruses was underlined last year with the discovery of the Stuxnet virus, which disrupted Iran’s uranium enrichment programme. The Iranians have accused the Israelis and the US of designing and deploying Stuxnet, which set some of their centrifuges spinning out of control. Experts have described the virus as being so technically advanced that is was beyond any threat seen in the past.
The defensive capabilities that cyberspace offers were demonstrated by a hacking team from GCHQ who last month hacked into an al-Qaeda online magazine and replaced bomb-making instructions with a recipe for cupcakes. When followers tried to download the 67-page colour magazine, instead of instructions about how to “Make a bomb in the Kitchen of your Mom” by “The AQ Chef”, they were greeted with garbled computer code. The code, which had been inserted into the original magazine by the British intelligence hackers, was actually a web page of recipes for “The Best Cupcakes in America”.
Strategists believe cyber warfare will play a major role in the early stages of a state-on-state attack. Imagine, for a moment, the advantage to one nation if it could disable an adversary’s electricity network, communication and air traffic control systems in the weeks prior to an attack.
Indeed, the war between Russia and Georgia, in 2008, saw the first use of cyber warfare in a state-on-state conflict. The war began on the night of August 7 after Georgia launched a large-scale military offensive against the separatist state of South Ossetia. Russia intervened on the side of South Ossetia, but prior to the attack, covert cyber units began infiltrating Georgian computer networks. When fighting broke out on August 8, the Russians caused panic in Georgia in a series of “denial of service” attacks that closed down large parts of the country’s computer network. The attacks showed how conventional and asymmetric tactics can complement one another in modern battlefields, setting the template for future conflicts.
Despite the rapidly growing nature of the threat, there is disagreement over which strategy should be adopted to prevent a similar attack against the UK. Nick Harvey, the Liberal Democrat defence minister, recently said: “Digital networks are now at the heart of our transport, power and communications systems, and our economy as a whole. This reliance brings the capacity for warfare to cyberspace. The consequences of a well-planned, well-executed attack against our digital infrastructure could be catastrophic. A single networked laptop might be as effective a weapon as, say, a cruise missile.
“In the military sphere, whenever a new domain opens up, like air and space-flight in the last century, the temptation is to devise wholly separate doctrines to address the new environment,” he continues. “But we must remember that cyber crime, cyber terrorism, cyber espionage, or cyber war, are simply crime, terrorism, espionage or war by other means.”
Lord Reid of Cardowan, the former Labour defence secretary, disagrees. “The nature of cyberspace means that imposing the old doctrines that served our defence will not work. Until we recognise that, we risk succumbing to a dangerous degree of cyber complacency.
“The transnational cyber environment is largely impervious to inherited legal frameworks. For instance, it is a great leap to assume that a cyber attack would fit neatly within the UN charter’s definition of ‘armed attack’. Moreover, the cyber world’s diffuse empowerment of individuals, corporations and non-state actors can render traditional political structures and approaches impotent.”
Whichever strategic approach the UK adopts, one fact is clear: the shock troops of the first cyber war will not be drawn from the Paras or the Marines who fought in Helmand, but from the X-Box generation who learnt their hacking skills in dark bedrooms.
Post a Comment