(回答先: 中国がサイバー攻撃計画 CIAが分析と報道 投稿者 倉田佳典 日時 2002 年 4 月 26 日 21:14:58)
CIA Warns of Chinese Plans for Cyber-Attacks on U.S.
Defense: Analysts fear government and private efforts to sabotage federal
Internet sites.
By ERIC LICHTBLAU, TIMES STAFF WRITER
WASHINGTON -- U.S. intelligence officials believe the Chinese
military is working to launch wide-scale cyber-attacks on
American and Taiwanese computer networks, including
Internet-linked military systems considered vulnerable to
sabotage, according to a classified CIA report.
Moreover, U.S. authorities are bracing for a possible wave of hacking attacks by Chinese students
against the United States in coming weeks, according to the analysis. The confidential alert, which
was reviewed by The Times, was sent to intelligence officials a week ago.
Although U.S. officials have voiced concerns about individual hackers in China who have defaced
federal and private Web sites, the United States has resisted publicly linking the Chinese
government to those attacks or to broader cyber-style warfare. The new CIA report, however,
makes clear that U.S. intelligence analysts have become increasingly concerned that authorities in
Beijing are actively planning to damage and disrupt U.S. computer systems through the use of
Internet hacking and computer viruses.
Although the assessment concludes that China has not yet acquired the technical sophistication to
do broad damage to U.S. and Taiwanese systems, it maintains that this is the "intended goal" of the
People's Liberation Army in China. "The mission of Chinese special forces includes physical
sabotage" of vulnerable systems, the report says--which some analysts said is driven by China's
hostility toward Taiwan.
The Chinese Embassy in Washington insisted Wednesday, however, that Beijing is only
conducting computer research that is strictly defensive in nature.
"It is not the Chinese government's policy to disrupt the computer system of any other country,"
said Larry Wu, an official in the embassy's science and technology section.
"We do research on the security of computers, of course--self-defense to understand how a hacker
can get into our computer systems so we can defend it," he said. "But China has never assumed an
offensive stance with regards to computer technology."
But several specialists in Chinese security and military affairs said the CIA's conclusions jibe with
their own observations about China's research into offensive-minded cyber-tools.
"We should be very worried about this issue," said James Mulvenon, a China analyst at the Rand
Corp. think tank who has done extensive studies into Chinese computer capabilities.
Taiwan, which China regards as a renegade province, appears to be the driving force behind the
Chinese interest in hacking and viruses, Mulvenon said. Under one scenario, if China were to make
good on its long-standing threat to invade Taiwan, the Chinese military could then seek to deploy
widespread computer disruptions against American and Taiwanese military systems to slow any
effort by U.S. forces to intervene in Taiwan's defense, he said.
The issue threatens to inflame what are invariably tense relations between the United States and
the Communist regime in China, relations already frayed by a volley of charges and counter charges
during the last several years over alleged nuclear, military and political espionage.
Relations hit a low point last year after a U.S. spy plane collided with a Chinese jet fighter,
triggering an international standoff over the return of the plane's 24 Navy crewmen. China detained
the crew members for 11 days and returned the disassembled plane months later.
Recent months have seen a warming in relations as the Bush administration secured China's
cooperation in the war on terrorism. But China has become upset by what it sees as the White
House's increasingly favorable overtures toward Taiwan.
The CIA's assessment discusses Taiwan and the United States, revealing that U.S. intelligence
officials believe both are targets of the Chinese military.
"The People's Liberation Army does not yet have the capability to carry out its intended goal of
disrupting Taiwanese military and civilian infrastructures or U.S. military logistics using computer
virus attacks," said the CIA's report, which was included in a broader national security assessment
that authorities distributed to intelligence officials.
"China's virus attack capabilities are similar to those of sophisticated hackers and are limited to
temporary disruption of sectors that use the Internet," the CIA review said. "A Chinese virus
attack is capable of reaching e-mail communications, lap tops brought into China, and U.S.
Internet-based military computers."
A U.S. intelligence official who was briefed on the issue but asked not to be identified said analysts
believe that, although the most sensitive U.S. military databases are secure from hackers and
viruses, Internet-based military systems that are used for communications with bases around the
world and with outside military vendors could be vulnerable.
"These aren't the keys to the kingdom we're talking about," the official said. "There's no danger that
the Chinese are going to hack into our nuclear launch codes, but there is the danger they could
gather useful intelligence from penetrating some of the less sensitive networks that the Department
of Defense utilizes all over the world."
Recent U.S. intelligence indicates, the official said, "that the Chinese government is actively and
aggressively working on their cyber-war capability. They have a lot of people and a lot of
brainpower, and they're smart enough to appreciate that a significant aspect of any future armed
conflict is going to be cyber in nature."
Another government official who asked not to be identified cautioned, however, that the immediate
threat posed by Chinese computer disruptions is fairly limited.
"This is something we're certainly concerned about. But in terms of their being able to disrupt
Taiwan or U.S. military and civilian infrastructure, they can't do it yet. That's the story."
The concept of nations launching cyber-attacks against their enemies is a relatively new
phenomenon, but it is drawing rising concern from U.S. authorities as they assess vulnerability in
the national computer infrastructure. In an effort to beef up security, budget planners are
projecting an increase of more than 50% next year in overall computer security, bringing the total
to more than $4 billion.
The CIA report does not reveal how intelligence analysts arrived at their conclusions, and Jonathan
Pollack, chairman of the strategic research department at the Naval War College, cautioned that
there are still many unanswered questions about China's plans.
"China is still an issue that worries Americans deeply, and sometimes the intelligence community
gets a head of steam on these things and can go off on tangents that may not be substantiated," he
said.
Last year, the spy plane confrontation triggered an avalanche of about 1,200 attacks against U.S.
government and commercial Web sites that were disrupted or defaced. Many of the attacks
appeared to have been generated by students in China, with private hackers leaving patriotic
pro-China messages or vowing revenge for the death of a Chinese pilot in the plane collision.
Several hundred attacks on Chinese Web sites were blamed on American hackers, although some
U.S. technology experts discounted that explanation.
The CIA assessment said China's "nonstate hacking community continues to pose the most
immediate threat to U.S. computer networks."
It went on to warn that hackers in China "appear to be organizing for cyber-attacks again this
spring, particularly during student breaks early next month and around the anniversary of the EP-3
[surveillance plane] incident."
The anniversary of the EP-3 collision passed uneventfully this month. But private security groups
say they too have picked up on possible Chinese-based attacks in coming weeks--tied to the plane
episode as well as China's national youth day on May 4 and the May 8 anniversary of the U.S.'s
accidental bombing of the Chinese Embassy in Belgrade in 1999.
"We're warning our people about it and making sure everyone has their Web sites updated with the
proper patches" to guard against denial-of-service attacks and other hacking, said Michael Cheek,
director of intelligence for iDefense, a security intelligence service that has government and
corporate clients around the world.
The U.S. intelligence official said that analysts suspect last year's hackings had the "tacit blessing,"
and even perhaps the active involvement, of the Chinese government.
Indeed, a report due out next month from Mulvenon and the Rand Corp., which does research for
the U.S. government, will allege that the Chinese government was directly involved in at least one
round of hack attacks.
After a spate of attacks against Web sites in the United States, Australia, Canada and England
maintained by the Falun Gong religious movement--which China considers an "evil
cult"--Mulvenon said his investigation unearthed evidence showing that at least one U.S. attack
originated with the Chinese Ministry of Public Security.
"It's very clear to us that this was the ministry's doing, and it was a deliberate attempt to smear
Falun Gong," he said.
http://www.latimes.com/news/printedition/la-000029427apr25.story