Skip the navigation

China makes viruses for cyberwar first-strike

DoD report shows change in Chinese military's thinking on information warfare

May 29, 2007 12:00 PM ET

Computerworld - China's military has developed cyberwarfare first-strike capabilities that include units charged with developing viruses to attack enemy computer networks, a Department of Defense (DoD) report warned last Friday.

"The PLA [People's Liberation Army] has established information warfare units to develop viruses to attack enemy computer systems and networks, and tactics and measures to protect friendly computer systems and networks," the Pentagon's annual report to Congress on China's military power said. "In 2005, the PLA began to incorporate offensive CNO [computer network operations] into its exercises, primarily in first strikes against enemy networks."

This newest report shows how the Chinese military's thinking on information warfare has changed in recent years, said Andrew Macpherson, director of the technical analysis group at the University of New Hampshire's Justiceworks and a research assistant professor of justice studies. Macpherson, a cybercrime and cyberwar researcher whose group debuted a Cyber Threat Calculator in January at a DoD cybercrime conference, noted that as recently as two years ago, other editions of the report stressed China's investments in defensive measures.

"The Chinese were a lot more concerned about our viruses because they were using off-the-shelf [Western] software," Macpherson said. "Now there's no mention of that, and much more of the discussion is about first-strike capabilities."

Even though the report's short section on information warfare is necessarily vague, "it's a good window into what our government is seeing from China," Macpherson said. "It's the highest level of unclassified American thought on China's capabilities and how they would use them. These annual reports are helpful [because] they show how China continues to develop it's information warfare strategy."

And that development, Macpherson said, includes thinking about using viruses and other cyberwarfare tactics in a first strike. "A lot of [the PLA's] weapons systems are first-strike capable, to give them an advantage in any conflict. They're actively thinking about it. They know they will never catch up [to U.S. military technology], so they need these leapfrog technologies," such as an integrated information warfare capability, he added.

Using cyberwarfare in a first strike, however, is another matter, and as in other military-political decisions, rests on whether China's leaders believed that they had an answer to some sort of political question. Most analysts have pointed to Taiwan, the island nation that the People's Republic of China views as a rogue province, as the location of any possible first strike by the PLA, cyberwarfare or otherwise. "Taiwan is their primary national security issue," Macpherson noted.

The DoD report put it into perspective: "A limited military campaign could include computer network attacks against Taiwan's political, military and economic infrastructure to undermine the Taiwan population's confidence in its leadership."



Our Commenting Policies