Focus: Tomorrow’s Battlefield

Remember the story about computer-controlled weapons systems made in the USA and given to allies which, if the supported government or military changed its orientation, had hidden codes that would allow us to shut down the systems? Pretty cool, huh?

So when the Department of Defense recently did a check of their computer systems, what do you suppose they found? Hundreds of counterfeit computer routers … made in China.

Counterfeit parts made in China are finding their way into global supply chains everywhere. Auto parts have been hit particularly hard, since it’s difficult to tell where a bolt is made and whether it really meets manufacturer’s specs … until it fails. It was only a matter of time until Chinese counterfeit parts started showing up in the computer global supply chain as well. But shoddy workmanship is the least of our worries when it comes to DoD computer routers. Is it possible to include deeply imbedded commands in processors which can disable—or open up—a computer network on third party command?

Of course it is.

There is no evidence—that I am aware of—of any such coding in any of the counterfeit routers discovered, and this one hole in our defense computer hardware security envelope has been plugged, at least for now. But the Chinese military believes (probably correctly) that we are engaging in cyber espionage aimed at them, and so they are taking the prudent step of ramping up for a cyber conflict with us. They would be seriously nuts not to. We would do—have done—the same.

The earliest large-scale Chinese cyber intrusion, named Titan Rain by the U.S. government, took place back in 2002 and hit non-classified military, government, and government contractor web sites. The estimated download haul was between 10 and 20 terabytes of data. (For those of us somewhat computer challenged, the entire print collection of the Library of Congress amounts to 10 terabytes of data.) Since then, the incidence of “malicious activity” directed at defense computer networks has steadily escalated, although it is impossible to say how much is of Chinese origin. In 2007 alone the total incidence of malicious activity against DoD computers increased 31% over the previous year.

One of the reasons this sort of thing goes on unchecked is there is virtually no international law in place defining what cyber activity constitutes an act of war. That’s right. You could bring down or penetrate significant parts of a nation’s defense computer network and there would still be genuine legal questions over whether you had committed an act of war.

Great.

Well, somebody better get a boatload of lawyers working on that one, and fairly quickly.

Much information in this blog was drawn from the 2008 REPORT TO CONGRESS of the U.S.-CHINA ECONOMIC AND SECURITY REVIEW COMMISSION. To download a PDF of the entire report, click here.

About the Author: The major landmarks in Frank's historical interests range from ancient Persia through the Crimean War, World War II, and the modern U.S. Armed Forces, with a lot of stops in between. Frank is fascinated by the unusual, the overlooked, and the surprising. He is the New York Times number one best-selling author of the Desert Shield Fact Book (1991) and he is currently writing an historical novel on Alexander's conquest of Persia – from the Persian point of view.

Related Articles Largest Security Breach Ever of US Military Computers Confirmed China on the Move – South of the Border The Internet Turns 40 – No Turning Back A Coming War with China? Think Again The Spy Within: Larry Chin and the Penetration of the CIA

Find similar posts tagged with: 21st century warfare
1 Comment »