2011 report to congress - U.S.-China Economic and Security Review ...

More documents

Recommendations

Info

dkrause on DSKHT7XVN1PROD with $$_JOB176tions (ASEAN) Secretariat is also not likely a motivation ofa group interested only in economic gains. 135Cyber penetrations that do not target diverse victims can still indicatestate involvement. A February case study, called NightDragon, profiled an exploitation campaign against global companiesin the energy and petrochemical sectors. These sectors are of specialinterest to the Chinese government, which has designatedseven ‘‘strategic industries’’ for ‘‘absolute state control,’’ includingthe power generation and distribution industry, the oil and petrochemicalsindustry, and the coal industry. 136 (For more informationabout China’s strategic industries, see chap. 1, sec. 2, of this Report.)In another indication of institutional involvement, the NightDragon study’s authors noted that:[A]ll of the identified data exfiltration activity occurredfrom Beijing-based IP [intellectual property] addresses andoperated inside the victim companies weekdays from 9:00a.m. to 5:00 p.m. Beijing time, which also suggests that theinvolved individuals were ‘company men’ working on a regularjob, rather than freelance or unprofessional hackers. 137While the study’s authors could not definitely identify the perpetrators,an opaque web-hosting company and its Shandong-basedoperator appeared to be involved. 138 As described below, ShandongProvince is connected to several other penetrations over the pastseveral years.China-based hackers increasingly use indirect approaches to gainaccess to sensitive information systems. In June, Google announcedthat it had discovered a widespread but targeted ‘‘phishing’’ campaignthat had compromised Google Mail (Gmail) accounts.* Thecompany disclosed that:This campaign, which appears to originate from Jinan,China, affected what seem to be the personal Gmail accountsof hundreds of users including, among others, seniorU.S. government officials, Chinese political activists, officialsin several Asian countries (predominantly SouthKorea), military personnel and journalists. 139Aside from Gmail users, the campaign reportedly affected certainU.S. government e-mail accounts at the Department of State, theDepartment of Defense, and the Defense Intelligence Agency. Theperpetrators leveraged access to compromised accounts to perpetuatethe campaign by spreading malicious software to the victims’contacts.† As the Commission reported in 2009, Jinan, ShandongProvince, is the home of one of China’s Technical Reconnaissance* ‘‘Phishing’’ is ‘‘an attempt by an individual or group to solicit personal information fromunsuspecting users by employing social engineering techniques. Phishing emails are crafted toappear as if they have been sent from a legitimate organization or known individual. Theseemails often attempt to entice users to click on a link that will take the user to a fraudulentweb site that appears legitimate. The user then may be asked to provide personal informationsuch as account usernames and passwords that can further expose them to future compromises.Additionally, these fraudulent web sites may contain malicious code.’’ U.S. Computer EmergencyReadiness Team (U.S.–CERT), ‘‘Report Phishing.’’ http://www.us-cert.gov/nav/reportlphishing.html.† This is called the ‘‘man-in-the-mailbox’’ technique. John Markoff and David Barboza, ‘‘F.B.I.to Investigate Gmail Attacks Said to Come From China,’’ New York Times, June 2, 2011. http://www.nytimes.com/2011/06/03/technology/03google.html?lr=1.VerDate Nov 24 2008 13:46 Nov 10, 2011 Jkt 067464 PO 00000 Frm 00188 Fmt 6601 Sfmt 6601 G:\GSDD\USCC\2011\067464.XXX 067464
dkrause on DSKHT7XVN1PROD with $$_JOB177Bureaus. These entities serve as a computer network exploitationarm for the Third Department of the PLA’s General Staff Department,which collects signals intelligence. 140 A vocational schoollinked to the December 2009 Google penetration is also located inJinan. 141During a Commission trip to China in August 2011, representativesof foreign businesses that operate in China placed computernetwork intrusions alongside mandated technology transfers andinvasive technical standards inspection schemes as the most seriousthreats to their intellectual property. Chinese efforts suggestthat, for firms without a physical presence in China, computer networkintrusions may pose the most serious threat to intellectualproperty.Computer network attackAlong with the considerable computer network exploitation capabilitiesdescribed above, the Chinese government has computer networkattack capabilities. As the Department of Defense’s 2011 annualreport to Congress on Military and Security Developments Involvingthe People’s Republic of China states, ‘‘[t]he PLA has establishedinformation warfare units to develop viruses to attack enemycomputer systems and networks.’’ * This has implications for militaryand nonmilitary targets. For example, a 2011 global survey ofcritical infrastructure operators conducted by McAfee and the Centerfor Strategic and International Studies identified governmentsponsoredsabotage as a central cyber threat. The plurality of respondents,30 percent, identified the Chinese government as thegreatest concern. 142 While the survey measured perceptions ratherthan events, its findings illustrate the concerns of those on the‘‘frontlines’’ of infrastructure protection.†Perhaps the most compelling evidence that surfaced in 2011 linkingthe Chinese government to cyber attacks was a July documentarypresented on China Central Television 7 (CCTV–7), the government’smilitary and agricultural channel. A brief segment demonstratedwhat appears to be a PLA ‘‘point and click’’ distributeddenial of service attack launched against a Falun Gong-relatedwebsite hosted on a network at the University of Alabama in Birmingham.Based on Internet Protocol data exposed in the programand information from the school’s network administrators, the attackappears to have taken place in 2001 or earlier.‡ According tothe footage, the PLA’s Electrical Engineering University developedthe software used to launch the attack. 143 Some reports about this* Parallel developments include ‘‘tactics and measures to protect friendly computer systemsand networks.’’ Office of the Secretary of Defense, Annual Report to Congress: Military and SecurityDevelopments Involving the People’s Republic of China 2011 (Washington, DC: Departmentof Defense, 2011), p. 37.† China also faces challenges in securing infrastructure. For example, see Paul Roberts, ‘‘GlassDragon: China’s Cyber Offense Obscures Woeful Defense,’’ Threatpost, April 27, 2011. http://threatpost.com/enlus/blogs/glass-dragon-chinas-cyber-offense-obscures-woeful-defense-042711.See also Jim Finkle, ‘‘Exclusive: China software bug makes infrastructure vulnerable,’’ Reuters,June 16, 2011. http://www.reuters.com/article/2011/06/17/us-cybersecurity-china-idUSTRE75G0CV20110617.‡ Other attacks have been documented more recently, including in 2011. See, for example,Benjamin Joffe-Walt, ‘‘U.S. Congresswoman Condemns Chinese Attack on Change.org,’’Change.org Blog, April 26, 2011. http://blog.change.org/2011/04/u-s-congresswoman-condemnschinese-attack-on-change-org/.VerDate Nov 24 2008 13:46 Nov 10, 2011 Jkt 067464 PO 00000 Frm 00189 Fmt 6601 Sfmt 6601 G:\GSDD\USCC\2011\067464.XXX 067464
Page 1 and 2:
12011REPORT TO CONGRESSof theU.S.-C
Page 3 and 4:
U.S.-CHINA ECONOMIC AND SECURITY RE
Page 5 and 6:
dkrause on DSKHT7XVN1PROD with $$_J
Page 7 and 8:
CONTENTSPageTRANSMITTAL LETTER TO T
Page 9 and 10:
Page 11 and 12:
Page 13 and 14:
Page 15 and 16:
Page 17 and 18:
Page 19 and 20:
Page 21 and 22:
Page 23 and 24:
Page 25 and 26:
Page 27 and 28:
Page 29 and 30:
Page 31 and 32:
23Figure 1:China’s Share of the U
Page 33 and 34:
25The weakness in U.S. exports of a
Page 35 and 36:
Page 37 and 38:
Page 39 and 40:
31Table 3:RMB Bond Issuances by Mul
Page 41 and 42:
Page 43 and 44:
35of bilateral negotiations under t
Page 45 and 46:
37Stonewalling the WTO: A Case Stud
Page 47 and 48:
39that China’s existing system of
Page 49 and 50:
41now. Because the structures of th
Page 51 and 52:
43How Big Is China’s State Sector
Page 53 and 54:
45Fortune Global 500, compared to j
Page 55 and 56:
47panies are less profitable, after
Page 57 and 58:
49erate primarily within state-cont
Page 59 and 60:
Page 61 and 62:
Page 63 and 64:
Page 65 and 66:
57Figure 1: Chinese FDI Stock in th
Page 67 and 68:
Page 69 and 70:
Page 71 and 72:
63U.S. firms with sensitive technol
Page 73 and 74:
65Addendum I: SASAC Companies, Larg
Page 75 and 76:
67Addendum I: SASAC Companies, Larg
Page 77 and 78:
69dkrause on DSKHT7XVN1PROD with $$
Page 79 and 80:
71January 2010, the heads of 19 U.S
Page 81 and 82:
Page 83 and 84:
Page 85 and 86:
77cause Beijing had sought to exclu
Page 87 and 88:
Page 89 and 90:
81China in Search of Western Techno
Page 91 and 92:
83scious policy seeking to drive Ch
Page 93 and 94:
Page 95 and 96:
Page 97 and 98:
89Like previous plans, the 12th Fiv
Page 99 and 100:
Page 101 and 102:
Page 103 and 104:
95Consultative Conference National
Page 105 and 106:
Page 107 and 108:
99panies account[ed] for fully 7 pe
Page 109 and 110:
101Dr. Shih has testified before th
Page 111 and 112:
103ment subsidies, which in turn wi
Page 113 and 114:
105Addendum II: Figures 1-2Figure 1
Page 115 and 116:
Page 117 and 118:
Page 119 and 120:
Page 121 and 122:
113drivers cited increased fuel pri
Page 123 and 124:
Page 125 and 126:
Page 127 and 128:
Page 129 and 130:
Page 131 and 132:
123uating from college and hoping t
Page 133 and 134: dkrause on DSKHT7XVN1PROD with $$_J
Page 139 and 140: 131unfairly or unjustifiably harm U
Page 169 and 170: 161gress, the DoD noted that China
Page 173 and 174: 165eral U.S. military policies, inc
Page 175 and 176: 167Figure 1:Territorial Disputes in
Page 179 and 180: 171provides guidelines for dealing
Page 181 and 182: 173network exploitations to facilit
Page 183: dkrause on DSKHT7XVN1PROD with $$_J
Page 189 and 190: 181ligence, surveillance, and recon
Page 195 and 196: 187Therefore, the PLA maintains the
Page 197 and 198: 189Of import, the PLA’s geographi
Page 205 and 206: 197ther moves toward independence,
Page 207 and 208: 199trates the depth of China’s sp
Page 209 and 210: 201Figure 2:Representation of Beido
Page 213 and 214: 205ganization, modeled on the Europ
Page 215 and 216: 207China’s leadership also places
Page 219 and 220: 211[General Armaments Department] p
Page 221 and 222: 213Table 2: Select Chinese Satellit
Page 223 and 224: 215weapons or coorbital satellite w
Page 225 and 226: 217Malicious Cyber ActivitiesDirect
Page 229 and 230: RECOMMENDATIONSChina’s ‘‘Area
Page 235 and 236:
Page 237 and 238:
Page 239 and 240:
Page 241 and 242:
Page 243 and 244:
Page 245 and 246:
Page 247 and 248:
239320. Chang Xianqi, Military Astr
Page 249 and 250:
Page 251 and 252:
243woman Jiang Yu simply expressed
Page 253 and 254:
245Table 1:Timeline of Sino-North K
Page 255 and 256:
Page 257 and 258:
249China also provides economic sup
Page 259 and 260:
251economic and social strains woul
Page 261 and 262:
Page 263 and 264:
255Iran’s South Pars Gas Field af
Page 265 and 266:
257When asked by Commissioners abou
Page 267 and 268:
Page 269 and 270:
Page 271 and 272:
Page 273 and 274:
Page 275 and 276:
Page 277 and 278:
Page 279 and 280:
Page 281 and 282:
Page 283 and 284:
Page 285 and 286:
Page 287 and 288:
Page 289 and 290:
281trade, and dispute settlement. 2
Page 291 and 292:
Page 293 and 294:
Page 295 and 296:
287of Request to the United States
Page 297 and 298:
289fense, since its current fleet o
Page 299 and 300:
Page 301 and 302:
Page 303 and 304:
Page 305 and 306:
Page 307 and 308:
Page 309 and 310:
Page 311 and 312:
Page 313 and 314:
Page 315 and 316:
Page 317 and 318:
Page 319 and 320:
Page 321 and 322:
Page 323 and 324:
Page 325 and 326:
Page 327 and 328:
3190aRCRD&ss=Hong+Kong&s=News; Pete
Page 329 and 330:
Page 331 and 332:
323mation Office. Day-to-day superv
Page 333 and 334:
Page 335 and 336:
327Although the slogans change over
Page 337 and 338:
Page 339 and 340:
Page 341 and 342:
Page 343 and 344:
335What Constitutes a ‘‘Core In
Page 345 and 346:
Page 347 and 348:
339Selected CAIFC/CPD Track Two Exc
Page 349 and 350:
341disseminated through diplomatic
Page 351 and 352:
Page 353 and 354:
Page 355 and 356:
Page 357 and 358:
Page 359 and 360:
Page 361 and 362:
Page 363 and 364:
Page 365 and 366:
Page 367 and 368:
Page 369 and 370:
Page 371 and 372:
Page 373 and 374:
Page 375 and 376:
Page 377 and 378:
Page 379 and 380:
Page 381 and 382:
Page 383 and 384:
375ecutive Schedule under section 5
Page 385 and 386:
Page 387 and 388:
Page 389 and 390:
Page 391 and 392:
Page 393 and 394:
Page 395 and 396:
APPENDIX IIIPUBLIC HEARINGS OF THE
Page 397 and 398:
Page 399 and 400:
APPENDIX IIIALIST OF WITNESSES TEST
Page 401 and 402:
393Alphabetical Listing of Panelist
Page 403 and 404:
Page 405 and 406:
397In TaiwanU.S. Government• Amer
Page 407 and 408:
APPENDIX VLIST OF RESEARCH MATERIAL
Page 409 and 410:
401The National Security Implicatio
Page 411 and 412:
APPENDIX VIACRONYMS AND ABBREVIATIO
Page 413 and 414:
show all

2011 report to congress - U.S.-China Economic and Security Review ...

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?