I've had a scary day - I've discovered I'm part of a war I had never heard of, fighting what may be hundreds of thousands of members of a loose Chinese "civilian cyber militia". You're part of it, too, although you might not have known it, and none of us is totally safe because our attackers are invisible, untraceable, and growing.
And they're powerful. They've penetrated national security strongholds that you thought were invincible, including the Pentagon, Congress, NASA, and the White House, plus countless banks and foreign ministries in over 100 countries. They have unauthorized access to major news organizations and all kinds of human rights groups that shed light on abuses in China. They've been fighting us for years on home cyber-soil, they've cost us billions of U.S. dollars, and most of us have never even heard of them. But this cyber-war is raging whether we know about it or not.
The Chinese government has worked incredibly hard to censor the internet domestically (see our work on Chinese abuses on internet freedom) - including but by no means limited to the "Great Firewall of China" - but the battles of hackers point to an unofficial Chinese force that is working to censor the internet globally. What that means for CNN, who reported on violence in Tibet preceding the 2008 Olympics, or Congressman Frank Wolf, who speaks out on behalf of Chinese dissidents, is that merely by sharing information that could be interpreted by nationalist hackers as "anti-Chinese", we become targets in this war and the price is high. Whether or not the Chinese Communist Party is the force behind these strikes (officials have denied a relationship, but evidence suggests they may be compensating successful hackers), they certainly have an effective global gag at their disposal and a demonstrated value for information control. And that should make us all a little afraid.
[A short list of successful Chinese hacks]
March 30, 2009 Research indicates Chinese hackers have penetrated 1,295 government and private computer systems in 103 countries through GhostNet including NATO and foreign ministries, embassies, banks and news organizations, large-scale breaches in Dalai Lama's computers, plus the ministries of Foreign Affairs of Bangladesh, Indonesia, Iran, Latvia, and the Philippines.
August 2008 CNN is taken down by Chinese hackers
June 21, 2007 Chinese hackers penetrated the Pentagon email system
August 2006 Congressman Frank Wolf's computer systems are hacked for information on dissidents and human rights activists by Chinese sources.
November 1, 2004 At 10:23 p.m. pacific standard time (PST), they found vulnerabilities at the U.S. Army Information Systems Engineering Command at Fort Huachuca, Arizona. At 1:19 am PST, they found the same hole in computers at the military's Defense Information Systems Agency in Arlington, Virginia. At 3:25 am, they hit the Naval Ocean Systems Center, a defense department installation in San Diego, California. At 4:46 am PST, they struck the United States Army Space and Strategic Defense installation in Huntsville, Alabama.
Beginning in 2003 (and still continuing) an wave of attacks dubbed "Titan Rain" hacked networks in NASA, Lockheed Martin, Sandia National Laboratories, Redstone Arsenal, and were reported "most likely the result of Chinese military hackers"
May 4, 2001: The White House website was crashed by a distributed denial-of-service attack, and at the same time, the Department of the Interior's National Business Center site is vandalized with "Attack anti-Chinese arrogance!", the Department of Labor home page: "CHINA HACK!" and the U.S. Navy home page reads "I AM CHINESE" - In this wave, "Chinese hackers had felled 1,000 American sites"
For more information, check out the Dark Visitor Blog of retired US Army linguist Scott Henderson