Homeland Security

The killers' mace of the dark visitors
Issue Vol 24.1 Jan-Mar 2009 | Date: 12 Mar, 2013

Major General William Lord from the US Air Force Office of War-fighting Integration, speaking at an information technology conference, said that China downloaded 10 to 20 terabytes of data. For comparison, the entire print collection of the Library of Congress contains approximately 10 terabytes of data. In addition to seeking to acquire important information about military and government activities, the operation conducted reconnaissance of the US command and control system, gaining information that could be used for future targeting. The US Strategic Command reported that in 2007, the Department of Defense estimated that five million computers experienced 43,880 incidents of malicious activity from all sources — a 31 percent increase over the previous year.”

The attacks are not confined to the United States. In May 2008, it was reported that Chinese hackers had broken into the computer network of the Indian Ministry of External Affairs (MEA).

As The Financial Express put it: “The bad guys are at it again and with increasing ferocity, attacking anything and everything.” This time, it was against India.

The motives of Chinese hackers usually include commercial and military intelligence gathering and the setting up of sleeper spies in the computer networks ready for future strikes. An official of the informatics division at the MEA confidently told the Financial Express: “The hackers attempted to hack in, but were not successful.”

The government refused to specify who the hackers were, but the IP addresses left behind suggested that the attack originated from China. As the attacks coincided with the unrest in Tibet, many observers believe that the hackers were trying to find out the Tibet policy of the MEA before the Olympic Games. Apparently, the Chinese hackers cracked the security code of a computer network in Beijing and possibly accessed official (encrypted or not) emails in which policy matters may have been discussed.

As usual, Delhi tried to downplay the incident.

A French cryptologist with a military background working for the French Laboratory of Virology and Operational Cryptology recently told Le Monde that according to him Internet security is increasingly uncontrollable. He compares Internet freedom to the democratic system which is best amongst bad systems. When asked if the informatics weapon can become a weapon of deterrence, he replied that contrary to the nuclear weapon, these weapons can be acquired by everyone: “All the ingredients of a catastrophic scenario (economic war between concurrent companies or inter-State wars) are today present. Experts do not ask if this catastrophe is going to happen, but only when.”

The Dark Visitors

In this new war scenario, the Chinese hackers, also called the Dark Visitors, have taken the lead, probably due to the high degree of nationalism present in China today.

A new book, The Dark Visitors [5] by Scott J. Henderson, answers many questions on the origin and motivation of the hackers in China. The author first gives a history of the hacking business in China, beginning with a few individuals in the late 1990s; he details the emergence of ‘celebrated’ (in China at least) groups such as the Honker Union of China and Red Hacker Alliance. He then analyses in detail their methodology, hierarchy, ‘who they are’, their exploits and the content of their sites (which teach hacking to the public).

Wan Tao, the leader of China Eagle Union hacker group, also known as the ‘Godfather’ of Chinese hackers, explains the distinction between regular hackers and the famed Red Hackers: “Years ago, it was OK to be a hacker, when it simply referred to someone who would break into systems. But over the past decade, the attributes of hackers have become somewhat darker. Chinese hackers coined the word ‘Red Hacker’, which means someone is a patriotic hacker. Unlike our Western counterparts, Chinese hackers tend to get more involved with politics because most of them are young, passionate and patriotic.”

The most fascinating (and frightening) aspect of the Chinese hackers is that they are individuals with only loose links to the government. Henderson explains: “One of the unique aspects of the Chinese hacker organization is their nationalism, which is in stark contrast to the loner/anarchist culture many associate with the stereotypical Western hacker. They are especially active during periods of political conflict with other nations.” This sense of patriotism and their own ‘code’ make them act for China’s national honor and never hack inside China.

Two distinct groups are today working in China: one is a civilian ‘independent’ organization (such as the Red Hacker Alliance) and the other, the official one, the PLA.

When the question is put to Henderson about “tasking, oversight, and control of the organization”, his answer is simple, “[the hackers] are not a branch of the government or the military”. They are just an “independent confederation of patriotic youth dedicated to defending China against what it perceives as threats to national pride”.

In his in-depth study, he has not found any evidence of direct government control. However, the Chinese society does not function with the same parameters as the West [or India]. The Chinese government considers its citizens as “an integral part of Comprehensive National Power and a vital component to national security”.

Not A Method, A Way Of Thinking

At a time when India is thundering against its neighbour and threatening Islamabad with dire consequences if action is not taken against the ‘non-state’ actors who perpetrated the Mumbai terrorist attacks, can we imagine tens of thousands of Indian IT engineers providing regular inputs to the Indian intelligence agencies and undertaking some of their dirty work to tackle terrorism in Pakistan?

Would they attack Pakistani or Chinese networks to get to know the thinking of the leaders of these countries or their plans for forthcoming negotiations or simply to make them understand that support to terrorism has a price? Certainly not!

As the Chinese Senior Colonels pointed out, it is more a way of thinking (and acting) than a technology or a method. This mindset is simply not present in India, where intelligence is a government preserve which cannot be delegated to non-state players.

The National Technical Research Organisation (NTRO), the nodal agency for technical intelligence set up in 2003 on the recommendation of the Kargil Review Committee is the only organization (with or sometimes against the RA&W) to look after these things.

Though the objective of the NTRO (with agencies such as the National Institute of Cryptology Research, National Information Infrastructure Protection Centre under its umbrella) was to focus on technical intelligence, surveillance and to look after the security of networks maintained by BARC, DRDO and ISRO, the organization has its own ‘bureaucratic’ problems.

A year ago, an official privy to NTRO operations told DNA: “It’s easy for hackers to break into certain systems in India because the government has not felt the need to secure every system.”

India Today also reported on the difficulties facing the new agencies: “As a member of the Kargil Review Committee’s technical task force on intelligence, M.K. Narayanan was one of the most enthusiastic proponents of the idea of a technical intelligence organisation. Today, he seems either unwilling to or unable to get the agency off the ground.” He even refused to respond to a questionnaire sent by India Today. [6]

While in India, most believe that the ‘Dark Visitors’ type of scenario can only be inspired by a Bollywood script, it is not the case in the United States where businessmen and diplomats have repeatedly been ‘visited’; as they arrive in China, they discover that their Chinese counterparts know everything about their plans.

According to the article China’s Electronic Long-Range Reconnaissance, written by Lt Col Timothy Thomas and published in December 2008 in Military Review [7]: “Since 2005, Chinese cyber attacks against US systems have increased at an alarming rate.” He adds, however: “The term ‘attack’ carries unwanted connotations; these unwarranted incursions are more likely reconnaissance missions to collect intelligence… to spot vulnerabilities or plant trap-doors in our systems.”

The views expressed are of the author and do not necessarily represent the opinions or policies of the Indian Defence Review.

About the Author

Claude Arpi

Writes regularly on Tibet, China, India and Indo-French relations. He is the author of 1962 and the McMahon Line Saga, Tibet: The Lost Frontier and Dharamshala and Beijing: the negotiations that never were.

One thought on “The killers’ mace of the dark visitors”

  1. Indian national security???? what are you talking ???

    We are Indians. We don't have national security.
    We do have VVIP security – Z+ security. Which is given by self styled VVIPs for VVIPs, from the money looted from Indians.

    National Security and all these trivial concepts may be a hot issue in the west not here. Because……

    WE R INDIANS !!!! didn't u know?