By Bill Gertz
New details emerged last week revealing that Chinese intelligence agencies are using covert hacking groups to gather large amounts of data on Americans.
Security researchers tracked two Chinese hacker groups known as Deep Panda and Wekby that are linked to cyber attacks against a U.S. air carrier, a European telecommunications company and a European energy company.
The same groups are suspected of carrying out the massive U.S. government cyber security breach against two networks at the Office of Personnel Management, the agency that keeps records on federal workers and conducts background checks for security clearance.
An estimated 22.1 million people had sensitive personal records stolen in the OPM hack.
That breach comes on the heels of the disclosure in February that the major healthcare provider Anthem was hit in a cyber attack that involved the theft of medical records on 80 million people.
Publicly, the Obama administration, along with law enforcement authorities and security officials, provided confusing responses to the cyber attacks.
President Obama initially identified the breach as a “cyber attack” but declined to name China as the culprit. He also warned that additional cyber attacks are likely and asserted government is trying to bolster network security.
Other officials gave conflicting responses to the attacks. Some identified the bulk data theft as cyber espionage; others claim the motive for the strikes is unknown.
The Chinese are developing a Big Data gallery as part of their information warfare operations against the United States.
“China is building the Facebook of human intelligence capabilities,” Adam Meyers, vice president of intelligence for cybersecurity company CrowdStrike Inc. told Bloomberg. “This appears to be a real maturity in the way they are using cyber to enable broader intelligence goals.”
To understand the objectives behind the Chinese intelligence operation to steal personal data requires first understanding Chinese strategy.
China’s cyber attacks are part of a coordinated information warfare program against the United States.
Russian military writer Alexander Migunov identified Chinese information warfare as following Sun Tzu’s strategy of defeating your enemy without firing a shot. The skillful, efficient and competent use of information warfare has been a priority for the Chinese since the concept was first disclosed publicaly in 1985, he says.
Migunov sees Chinese information war as based on Marxist-Leninist-Maoist concepts of People’s War and local ideas of “how to maintain war on strategic, operative and tactical levels.”
“Most part of this approach is focused on deceiving the adversary, on the war of minds (knowledge) and on searching for asymmetric advantages over the adversary.”
Further, the cyber attacks are further part of what Chinese military theorists are calling “trump card and data link warfare.”
Again, Sun Tzu is instructive and crucial to understanding Chinese intelligence strategy. The ancient strategist said defeating enemies requires “foreknowledge” or intelligence. “Knowledge of the enemy’s dispositions can only be obtained from other men,” he stated.
Thus obtaining sensitive information on tens of millions of Americans is part of China’s plan to conduct operations – both information-gathering and information warfare activities, including cyber attacks that could cripple critical infrastructure and prevent the normal functioning of an information system-based nation like the United States.
What are the targets? The Chinese are looking for access to secrets that will be useful in a future conflict. To gain access to those secrets, the Second Department of the PLA General Staff, the military intelligence service known as 2PLA, and the Ministry of State Security, the civilian intelligence service are directing the Big Data collection efforts.
The information will be pooled and cross-referenced. The database will provide keys to identifying U.S. government and corporate personnel with access to the types of information China is seeking for its military.
For example, China knows from public accounts that the Pentagon is seeking to develop a new generation of high-technology weapons it calls the “third offset.”
The U.S.technology is focusing on robotics and drones and advanced propulsion, like electro-magnetic rail guns.
China likely will use its database of Americans to first identify and then target U.S. officials and defense contractors involved in the high technology weapons programs. The campaign will be designed for both human spying and cyber intelligence-gathering with the objective of preparing to gain remote access.
The Obama administration so far has ignored the cyber attacks and has not responded, other than asserting it is addressing weaknesses in networks.
— July 19, 2015