A congressional commission that reviews economic and security relations between the United States and China held a hearing last month on Chinese intelligence activities that impact national security. During this hearing, security expert Kevin G. Coleman of the Technolytics Institute think tank gave a presentation (PDF) on Chinese cyber-espionage efforts.
He warned that the United States is falling behind in technological defense capabilities and is largely unprepared for what he characterizes as the start of a cyber-warfare arms race. Coleman attempts to describe the threat posed by China's cybersecurity build-up, but how much of it is a sham? Some of his facts are misleading.
Coleman discussed several prominent threat vectors and outlined some areas where he believes that the US military needs to take action in order to boost its cyber-warfare preparedness. One of the topics that he addressed during the panel is the risk of hardware tampering. Much of the hardware used in computers and consumer electronics in the United States is manufactured in China and other parts of the world. Experts are concerned that foreign governments could integrate undetectable kill switches and backdoor access systems directly into hardware components.
"We need to examine in detail and further quantify the risk that the global supply of components, sub-assemblies, assemblies, sub-systems and systems pose to the integrity of our critical information infrastructure and our highly computerized military," Coleman said. "If we are not going to build everything we need here at home, then we need to advance the current testing and validation tools and techniques as well as our system covert compromise monitoring and detection capabilities."
When we covered the Manchurian chip problem last year, we looked at a DARPA research program called Trust in IC, which aimed to find a consistently reliable method for detecting when circuitry has been compromised. This program is ongoing, and is scheduled for completion in 2010.
Coleman also emphasized the need for continuous investment in cyber-warfare capabilities. He contends that China's rapid economic growth and increasing technological sophistication will give the country "global electronic dominance" within the next 10 to 40 years, enabling it to "outspend the United States and the rest of the world much as we outspent the Soviet Union in the cold war." In order to combat this threat, he said that the US government must acknowledge that "we are in the early stages of a cyber arms race and need to respond accordingly" by developing new cyber-warfare weapons and defense systems.
One particular area where he believes that improvement is needed is the military's capacity to detect the origin of cyberattacks. The growing use of zombie botnets by sophisticated attackers is making it harder to determine who is orchestrating attacks and where those attacks are originating. He suggested that one possible solution is to catalog the characteristics of malicious code and use that as a kind of "digital DNA" to help trace the software back to its creator. The large number of virus variants and the extensive sharing of code between malicious software programs make it seem unlikely to me that such an approach will be tenable.