France Caught Up in the Mystery of the Chinese Hackers

    By Roger Faligot
    Rue89

    Sunday 09 September 2007

These computer attacks, conducted all over the world from China, could reflect internal struggles in Beijing.

    "We have absolutely nothing to do with these cyber-attacks," a Chinese diplomatic source assured me, all smiles, during a recent Beijing lunch. "You understand, we want to promote peace in the world, but, unfortunately, criminal Internet groups indulge in these actions. Maybe they even want to sabotage the good ambiance of the Olympic Games."

    No surprise there. That's the same answer Angela Merkel received the previous Monday, when, arriving in Beijing, she brought up the revelations of our colleague from Der Spiegel, indicating that last May German counter-intelligence, the Bundesverfassungsschutz, identified hacker intrusions, probably organized by the People's Liberation Army (PLA).

    Prime Minister Wen Jiabao apologized, allowing it to be understood that the authorities would prevent such attacks from reoccurring in the future. Which implies: we'll find some Internet users to prosecute for having harmed Chinese diplomatic interests. However, only a few weeks away from the Chinese Communist Party Congress, the battle for control of power, especially surrounding the Central Military Commission, is raging. In that case, perhaps the hacker affair is also a problem of domestic power struggles between various groups: reformers, the Shanghai group, the PLA's "hardliners..."

    Since then, we've learned that these hacker attacks that seem to originate in China have also occurred in Great Britain, the United States, and even, as Le Monde revealed Saturday, in France.

    Through a PowerPoint File in France

    In any case, the revelations published last week about these multiple computer attacks organized from China come at a rather bad time for General Chen Xiaogong. They resemble the "spamming" to which he also is victim.

    Just named assistant chief of the PLA's general staff at the beginning of the summer, he already found himself in the eye of the hurricane. This expert on the United States - where he was Defense attaché - now supervises a giant sector of the PLA: its Second Department (Qingbaobu in Chinese), the technical head of which he was until June, as well as the Third (San Bu) and Fourth (Si Bu) Departments.

    These three services, to which must still be added the PLA's Department of Communications, conduct interception operations (SIGINT, COMINT, ELINT) and info war, including cyber-attacks conducted by "rebound groups" located in China, but also all over the world. That's how Canadian counter-espionage identified groups of hackers in Toronto and Vancouver several years ago who were circulating a particularly nasty virus.

    According to Western technicians, the attacks have different objectives depending on whether spam, viruses, or a Trojan Horse have been sent.

    Effecting active intelligence by penetrating the Pentagon, the German Chancellery, and the Japanese Defense Agency: it's difficult to imagine young hackers crazy about the Internet risking themselves at that pastime. Yet that's what has happened. In France, moreover, an in-house alarm was set off in the defense administrations concerning an intrusion aided by a PowerPoint file (from Windows), exactly as in the case revealed by Der Spiegel in the FRG.

    In Great Britain, the Ministry of the Interior and the Foreign Office (and especially, as I am informed, the Permanent Under-Secretary-of-State's Department, which is, in reality, the Foreign Affairs Ministry's interface with the MI6 intelligence service) were targeted the same way. According to the September 6th Daily Telegraph, as many as ten ministries and secretariats of state were the objects of intrusion attempts.

    Espionage à la mode

    Intelligence, moreover, is neither political nor military only. Last spring, it was the Italian secret services that identified the use of a Trojan Horse, originating from a group in Shanghai, to rob sketches and designs of their models from the great Italian designers (according to my informants, several French Haute couture brands were also attacked, but do not want that known).

    Another objective that resembles a war game: site immobilization (via virus or spam bombardment) as took place two years ago in Japan at the time of very intense Sino-Japanese quarrels over the rewriting of history in schoolbooks with respect to such events as Hirohito's Imperial Army's sack of Nanking in 1937. That time, the Japanese National Police Agency (NPA) saw its Internet site frozen at the same time as [did] big Japanese companies with subsidiaries in China. Which generated the establishment of an "anti-cyber-terrorism" unit in the heart of that same NPA as a quid pro quo.

    From the perspective of the Chinese General Staff, the theoreticians of which have already published books on the subject, all this is part of the new information war that will accompany all new conflicts. Hence the third advantage of these operations: to launch offensives to study the weaknesses in the adversary's apparatus (firewalls and other systems), the capacities for riposte and even counter-attack, as is more and more the case for the Indian, Korean and Taiwanese cyber-war plans which do not hesitate to take on the virtual Great Wall Beijing has built.

    In that case, these exercises are comparable to a fighter plane's intrusion into forbidden air space or a ship's into another country's territorial waters to judge its riposte capacities, studying its communications at the same time.