Measuring China's Cyberwar Threat

An anonymous reader writes with this excerpt from Network World: "A lengthy report prepared for the U.S. government about China's high-tech buildup to prepare for cyberwar includes speculation about how a potential conflict with the U.S. would unfold — and how it might only take a few freelance Chinese civilian hackers working on behalf of China's People's Liberation Army to sow deadly disruptions in the U.S. military logistics supply chain. As told, if there's a conflict between the U.S. and China related to Taiwan, "Chinese offensive network operations targeting the U.S. logistics chain need not focus exclusively on U.S. assets, infrastructure or territory to create circumstances that could impede U.S. combat effectiveness," write the report's authors, Bryan Krekel, Patton Adams and George Bakos, all of whom are information security analysts with Northrop Grumman. The report, "Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage," focuses primarily on facts about China's cyberwar planning but also speculates on what might happen in any cyberwar."

Wanna cyber?

In computers and network security, every time someone uses 'cyber' in a serious, unironic manner, they lose credibility.

TFA uses it 9 times.

Ahh yes

Our newest 'threat' we need to throw money at to 'combat'.

Instead of ohhhh... i dont know... not connecting important shit to the internet...

What's it gonna be called.. Thats the big question. 'War on Cyber' Doesnt sound catchy enough.

Re:Military using the public Internet?!?

[daveschroeder]

There are many different tasks and functions for which the military and government agencies use the public/commodity internet. There are also various levels of private networks for more sensitive requirements.

None of that, however stops the NSA from operating under the assumption that its networks are compromised.

Brookings just put out a great paper on a related topic, Cybersecurity and U.S.-China Relations (PDF). It's worth a read.

why are critical systems on the net to begin with?

[joneil]

Mod me double plus idiot if you will, but in our small company, our "critical computer" - the one hat has files I don't want to loose (yes, i do back ups), and the one I don't ever want hacked, it is NEVER connected to the internet. No wifi, no bluetooth, no cable, nada, zilcho. I even have independent power supply aside from plugging it into the wall.

  Anything I need to introduce into the computer id done by a freshly formatted USB, and double checked and scanned first on a different machine running linux. When not in use, I physically turn it off and disconnect the power supply, and if the hackers can get into a machine with no power, well, I;ll just go back to pen and ink at that point. :)

        Now seriously, I know you cannot turn off a computer that is running a nuke plant or a NORAD radar system, but why are so many critical systems connected to the internet? Or have online access of any kind? Back in the good old days of BBSes when I was a sysop and upgrading form a 9600 baud modem to a 28,800 like like a miracle (you know, this was back way when dinosaurs still roamed the earth, or so my kids see it as such :) ), the quickest way sometimes to block a hacker attack as to physically disconnect the phone line from the modem.

        Again, mod me super simplistic idiot, but if I were operations manager for a nuke plant, and a major cyber attack was underway, to prevent a meltdown, wouldn't you be tempted to just take a pair of wire cutters and snip the physical connection to the internet?