China admits cyber warfare unit

The elite unit – part of China’s People’s Liberation Army – is called the “cyber blue team” and will supposedly protect Chinese networks from external cyber attack.

But many fear that it could also go on the offensive, leading co-ordinated cyber warfare across the globe.

Governments and companies around the world are already concerned that their networks come under regular attack from Chinese hackers.

In February, Chinese hackers targeted multinational energy firms to steal information, in an attack called “Night Dragon”, and last year the Government said cyber attacks were one of the biggest security threats faced by the UK.

Cyber attacks are an incredibly potent weapon which will certainly be utilised. Intelligence analyst Glenmore Trenear-Harvey

Internet security experts believe that up to a quarter of cyber attacks may originate in China, and in many cases, they also suggest the hackers have links to the army or the Chinese Government.

The existence of the blue team was confirmed by Chinese Defence Ministry spokesman, Geng Yansheng, in a briefing in Xinhua. He said the team was set up to “better safeguard the internet security of the armed forces”.

Cyber threat

When asked whether the unit would initiate cyber attacks on foreign powers, Mr Geng said internet security was an international problem, affecting civil and military areas. He said China was still “relatively weak” in internet security protection, and vulnerable to cyber-terrorism.

It is believed the unit has existed for at least two years and could be 30-strong.

Intelligence analyst Glenmore Trenear-Harvey told Channel 4 News that many in the intelligence community believe the Chinese already have a cyber attack force – and have done for at least five years.

“They may have acknowledged that they have set up this unit but they have been doing it for a long time, and they have been enormously successful in their attacks,” he said.

He said the view was that “literally thousands” of hackers within China had been recruited to form a “botnet army”, lodging themselves within unsuspecting computers. They can then use this capability either to conduct a denial of service, taking down sites, or acting as a Trojan horse to get within computers and steal information.

“As an offensive tool that is very much something the People’s Liberation Army would do,” he added.

Could invite a 'physical armed response'
Director of Transnational Threats and Political Risk at the International Institute for Strategic Studies, Nigel Inkster, told Channel 4 News that hackers would need to be aware of the "escalatory potential" of their actions.

"If you engage in this, you have to be aware that it has escalatory potential," he said. "It invites a physical armed response. In draft US legislation on this topic, the US reserves the right to decide whether it can engage in an escalatory armed response. So if there was an attack on its water, its infrastructure, something like that - we might see retaliation beyond the cyber world."

The cyber threat comes from two main areas, he said – criminals, aiming to profit, and states, concentrating on defence and security.

And the threat could much wider than previously thought, Director of Transnational Threats and Political Risk at the International Institute for Strategic Studies, Nigel Inkster, told Channel 4 News.

“This is not just conventional military powers. Put bluntly, everyone’s at it. It is a game anyone can play. For example Japan has a formidable capacity and we have no idea what it is doing with it – and Singapore, Switzerland, Israel,” Mr Inkster, who used to work in the British Secret Intelligence Service, warned.

Mr Trenear-Harvey added: “It is one of the greatest threats we have, and we have the Communications Electronic Security Group (CESG) advising all Government departments on how to protect themselves.

“But do remember that we – the US and UK – are doing this in reverse and we are very successful. It’s an incredibly potent weapon which will certainly be utilised.”