Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Red Dragon Rising Understanding the Chinese Cyber Scenarios 02 march 2014


Published on

Red Dragon Rising Understanding the Chinese Cyber Scenarios 02 march 2014
Cyber Warfare, Cyber Conflict, People's Republic of China, People's Liberation Army, 中國人民解放军, 中華人民共和國
#紅龍崛起, Communist Party Of China, 中國共產黨 ,
信息對抗 - Xìnxī duìkàng information confrontation, 網絡戰 - Wǎngluò zhàn cyber warfare

Published in: Technology
  • Be the first to comment

Red Dragon Rising Understanding the Chinese Cyber Scenarios 02 march 2014

  1. 1.©
  2. 2. 中 華 人 民 共 和 國 網 絡 代 碼 衝 突... 中国人民共和国 信息戰 Red Dragon Rising – China Challenges: People's Republic of China use of Computers & Networks as a Strategic Weapon 02 MARCH 2014 LTCOL (RET) William Hagestad II MSc Security Technologies MSc Management of Technology©
  3. 3.©
  4. 4. The Middle Kingdom….©
  5. 5. 籠恐龍 籠恐龍…Caged Dinosuars©
  6. 6. “21st Century Chinese Cyber Warfare” “二十一世紀中國網絡戰” 取締中華人民共和國© ISBN: 9781849283342
  7. 7.© ISBN: 978-1482577105
  8. 8.© ISBN: 978-1493771974
  9. 9.© ISBN: 978-1496080875
  10. 10.©
  11. 11.©
  12. 12. Is China Really the Enemy?©
  13. 13. Cyber Adversary Taxonomy Cyber Threat Motive Targets of Opportunity Methodologies Capabilities Nation States ~ Peace Time Economic, Military, National Secrets, Political Commercial Enterprises, Intelligence, National Defense, Governments, National Infrastructure Military & Intel specific cyber doctrine, hacktivists Asymmetric use of the cyber domain short of kinetic Nation States ~ War Time Economic, Military, Political Commercial Enterprises, Intelligence, National Defense, Governments, National Infrastructure Military & Intel specific cyber doctrine, hacktivists Asymmetric use of the cyber domain including kinetic Political Infrastructure, Extortion and Political Processes Combination of advanced persistent threats (APT) Developing – will be a concern in 2012 Cyber Terrorists & Insurgents Cyber Criminals – Grey & Black Markets Financial Criminal Organizations – RBS Financial Rogue Organizations – Anonymous, LulzSec Financial Military, National Secrets, Political Intellectual Property Theft, Fraud, Theft, Scams, Hijacked Network & Computer Resources, Cyber Crime for Hire Exploits, Malware Botnets, Worms & Trojans Cell-based structure as an APT Use of above with distinct planning Highly professional, dangerous Intellectual Property Theft, Direct & Indirect pressure on OGA Resources Organic hacking capabilities unsurpassed Organized yet decentralized©
  14. 14. The Middle Kingdom©
  15. 15. 中國人民解放軍 1949 Information Warfare (IW) 毛泽东 Mao Tse-Tung©
  16. 16. Chinese View… 16 AUGUST 2011©
  17. 17. Chinese Perspective….  16 AUGUST 2011 – People’s Tribune Magazine - (人民论坛杂志) publishes several articles…  4 are very problematic for the United States…. – “A Sovereign Country Must Have Strong Defense” by Min Dahong, director of the Network & Digital Media Research Office @ China Academy of Social Sciences; – “America’s ‘Pandora’s Box’ Cyber Strategy Confuses the World” by Shen Yi Fudan University’s Department of International Politics; – “Cyber Power ‘Shuffles the Cards’: How China Can Overtake the Competition” by Tang Lan, Institute of Information and Social Development Studies at the China Institute of Contemporary International Relations; and – “How to Construct China’s Cyber Defenses” by Liu Zengliang, from the PLA National Defense University©
  18. 18.©
  19. 19. 誰是中國?©
  20. 20. 中國黑客…. 4 Groups…Official & Unofficial…. 第一…中國共產黨 (CPC) 第二…人民解放军 (PLA) 第三… 中國國有企業 (SOE) 第四個…中國黑客 (Hacktivists)©
  21. 21. 中國共產黨 - CPC ► Codified cyber warfare in 2010… • In response to US Cyber Command 6 months earlier… ► Official Edict: “protect national infrastructure from external cyber threats” – President Hu Jin tao ► President Hu’s successor Xi Jin ping …. Motivations: • Maintain & Retain Chinese Dream… • Ensure China’s Sovereignty… • Control Freedom of Search… • Ensure stable transition of Communist Regime…©
  22. 22. Chinese Information and Cyber Warfare Government Intent Golden Shield…Filter the Chinese Internet o Designed 1998 o Operational NOV 2003 o CISCO powered – cost $ 800M USD o China’s Ministry of Public Security (MPS) operates…. Green Dam….1 July 2009…new PC’s must have Chinese Government Spyware…. Military Focus Civilian Dimension©
  23. 23. 人民解放军- PLA ► 500 BC Sun-Tzu’s Art of War – basis ► Sun Ping’s Military Methods ► 1995 - Major General Wang Pufeng – Founding father of Chinese Information Warfare (IW) ► 1999 - War Without Limits – PLAAF Senior Colonel’s Qiao Liang & Wang Xiangsui ► 2002 - PLA's IW strategy spearheaded by Major General Dai Qingmin Integrated Network-Electronic Warfare (INEW)©
  24. 24. 信息支持(保證)基地 19 JUL 2010 Cyber Base…. Official Mission…Protect the national infrastructure of the People’s Republic of China… Established 6 Months AFTER U.S. says “we are taking military approach to Internet…”©
  25. 25. Official Statement of Chinese IW 20 JUL 2010 – ‘ordered by President Hu Jintao to handle cyber threats as China enters the information age, & strengthen the nation's cyber-infrastructure’ General Staff Directorate’s (GSD) Cyber Warfare ‘Princelings’… General Zhang Qinsheng 章沁生 General Chen Bingde 陈炳德 漢族…Han Chinese General Ma Xiaotian 马晓天 Communist… Technologists… Vice Admiral Sun Jianguo 孙建国 PLA Leaders…. & Major General Hou Shu sen 侯树森 中國人©
  26. 26. 目前中國網絡戰的戰術 China’s “Goal is to achieve a strategic objective…over adversaries…” “You have to meet my political conditions or your government will be toppled, or you promise to meet some of my political conditions.” • Major General Hu Xiaofeng, Deputy Director for the National Defense University Department of Information Warfare and Training Command • Professor Meng Xiangqing, National Defense University Institute for Strategic Studies 黑暗訪問者, 2009; [Online] Available at:©
  27. 27. 黑客 - Hacktivists  Originally supported by CPC & PLA • • • • Now uncontrollable….Golden Shield Project? Comment Group… Elderwood Gang… Use of known Chinese malware for commercial purposes now…  Reinforce PRC’s nationalism via the web • • • • Taiwan, the renegade Chinese Province Punishing Japan for WWII war crimes, Daiyu Islands Confronting Philippines, Oil near Huangyuan Codera’s anti-Chinese web rhetoric  Capability to carry out Chinese State Policies without attribution….©
  28. 28. 很多 年華 中國 Cyber Activity     1995 – Chinese General MG Wang Pu Feng describes attacking via Internet 1997 – “War Beyond Limits” (Unrestricted Warfare) is written by 2 Senior Chinese Colonels 2001 China warns of massive hack attacks 2002 - “informatization”信息化 campaign begins Chinese Communist Party (CCP) General Secretary and Central Military Commission (CMC) Chairman Jiang Zemin, a speech before the 16th Party Congress 2003 - Titan Rain泰坦雨 US DoD & Government websites targeted 2004 – Japan targeted by Chinese over disputed Daiyu Islands 2007 – GhostNet 幽灵网 Global CnC network with IP addresses in People’s Republic of China 2008 – Byzantine Hades - targeted cyber operations against the U.S. government using social engineering and malicious attachments and links in e-mail messages. 2008 - MI5 writes to more than 300 senior executives at banks, accountants and legal firms warning them - the Chinese army is using Internet spyware to steal confidential information 2009 - Operation Aurora 操作极光 International Energy Industry targeted 2009 – Night Dragon夜龙 Global multinationals attacked via Internet 2010 – Article - Should we be afraid of Chinese hackers?...Or lost cyber war? 2011 -US needs to get better at preventing foreign access to advanced technology - GAO watchdogs find holes in high-tech access, licensing rules 2011 – Chinese military CCTv-7 demonstrates GUI Hacking of University of Alabama 2011 – Office of the National Counterintelligence Executive (ONCIX) Report indicates both China & Russia target IP 2011 – Operation Shady RAT FIVE year campaign of economic & intelligence data exfiltration 2012 – “Occupying the Information High Ground: Chinese Capabilities for Computer Network Operations and Cyber Espionage”    2012 – Chinese Technology Policy & Cyber Offensive Operations - April 2012 – China & Philippines engage in mutual cyber attacks over Scarborough Shoals – April 2012 – “US & China must work to avoid cyber conflict” DefSec Panetta                 NORTHRUP GRUMMAN March 7, 2012 2012 – Chinese Hackers hack White Nuclear Secrets Network 2012 – US House Intelligence cites Huawei & ZTE as threats to National Security 2013 – Shanghai Jaiotong University tied to PLA hacking unit©
  29. 29. 0 結束狀態 1) 2) 3) 4) 5) Cyber-espionage is state sponsored; yet direct attribution is an illusion…. 中華人民共和國 plans cyber-espionage – defensively & offensively; Cultural, economic, historical & linguistic threads中國 cyber-espionage; 中國, although advocating citizen hacking, no longer controls it; Commercial enterprises worldwide are permeable to中國cyber hacking in all form & methods; 6) 中國malware, RATs, Botnets are undiscoverable…. 7) Mandarin Chinese (complex and simple) are an exceptional form of cryptography… 8) All Western InfoSec Technology are ineffective against中國 attacks; 9) Companies cannot defend adequately from the various alleged Chinese information warfare threats of Next Generation Warfare; 10) Offensive Cyber Capabilities must be developed…..protect your IP & Network 11)中華人民共和國 cyber-espionage threat serious & only become much worse…..©
  30. 30. . DO NOT become a Chinese Cyber Espionage case study in my slide deck! 中國國有企業©
  31. 31. “21st Century Chinese Cyber Warfare” “二十一世紀中國 網絡戰” Available : ISBN: 9781849283342©
  32. 32.©
  33. 33. 謝謝您 謝謝您的時間今天 有沒有問題?©
  34. 34. 你會說中國普通話... ...嗎? 看 看 發 生 了 什 麼 事 !©
  35. 35. 跟隨紅龍 Red-DragonRising #RedDragon1949©