WMD Insights

Recent Events Suggest Cyber Warfare Can Become New Threat

December 2008/January 2009 Issue

In the recently released quadrennial strategic forecasting report Global Trends 2025: A Transformed World, the National Intelligence Council identifies the “growing use of cyber warfare attacks” as one of the factors that “will constrict U.S. freedom of action.” [1] Moreover, cyber warfare is listed among the non-military means of warfare that “will become more prevalent in conflicts over the next two decades.” [2] These predicted trends call attention to the potential significance of cyber warfare in the arsenals of militarily inferior adversaries that will employ it as part of the asymmetric challenge to U.S. dominance worldwide. As the Internet reaches more distant parts of the globe and national economies of a rapidly increasing number of countries become integrated into the World Wide Web, interest in acquiring both offensive and defensive cyber capabilities by states and non-state actors will only grow. In this regard, Russia and China, as major global exporters of information technology (IT) professionals and depositories of IT talent, could pose the gravest threats.

The Screenshot from the Website of the Georgian Ministry of Foreign Affairs After it Had Been Defaced by Russian Hacktivists

The severity of security challenges posed by cyber warfare to any given country is largely proportional to the degree of its dependence on modern information and communications technology. Thus, countries that are more advanced in terms of Internet accessibility, e-commerce, e-banking, etc., possess more vulnerabilities to cyber attack. On the other hand, relatively backward IT states will be considerably less exposed to cyber dangers.

The four case studies presented here show a spectrum of different categories of cyber warfare and their consequences. Cyber attacks can be timed to coincide with a conventional military offensive and be aimed primarily at influencing global public opinion, as was the case during the August events in Georgia. As demonstrated in the 2007 experience of e-savvy Estonia, cyber attacks can also be used to punish a foreign government. A recent spy scandal in the same country draws attention to Russia’s interest in acquiring sensitive information on cyber countermeasures and defenses. A final example of purposeful cyber warfare is illustrated in the case of China, a nation that seems to have a penchant for hacking U.S. government computer networks to obtain classified data. While none of these measures resulted in major strategic damage, they should not be dismissed as minor nuisances. Many scenarios can be envisioned in which concerted cyber attacks could inflict irreparable damage on critical infrastructure and national security.

Case 1: The Cyber Aspect of the Russian-Georgian War
The most striking feature of the cyber attack on Georgia was that for the first time an online assault was carried out in conjunction with a conventional military offensive. It must be stated at the outset that the Russian government rejected allegations regarding its involvement in orchestrating cyber attacks on Georgian websites, and no publicly available evidence can be cited to demonstrate its involvement. Whether these cyber attacks were sanctioned by the Russian government or represented collective reaction of thousands of irate Russian hacker activists (“hacktivists”), they were nevertheless highly coordinated and well planned, and they show what a government might accomplish in exploiting such capabilities.

In fact, small-scale distributed denial of service (DDOS) attacks began in June, almost two months before the five-day war between Russia and Georgia over Georgia’s breakaway region of South Ossetia. [3] DDOS attacks are carried out when personal computers (PCs) infected with the malicious software (malware) and organized into vast networks (botnets) are ordered by hackers to simultaneously send millions of specifically composed requests to a designated website or websites in order to overload a server and cause it to shut down. The hackers hijack the infected or “zombie” PCs and can control them remotely while their owners are often completely unaware that their computers are inadvertently engaged in cyber attacks.

On July 20, the Shadowserver Foundation, an Internet watchdog group of volunteers specializing in tracking malicious online activities, registered multiple DDOS attacks targeting the official website of Georgian President Mikhail Saakashvili. According to the Shadowserver researchers, the attack, which shut down the presidential website for more than 24 hours, was directed by a command-and-control server in the United States, showing that organization and planning of cyber attacks can be carried out without respect for national borders. In this case, one might assume that some Russian or pro-Russian IT specialists set up a server in the United States to carry out the attacks, although it is not possible to conclude that they were authorized by the Russian government to do so. Furthermore, it is noteworthy that the server became operational several weeks prior to commencement of the attack. [4]

The DDOS attacks against Georgia’s nascent Internet infrastructure reached an alarming level on August 8, the first day of war. Shadowserver detected the first coordinated online assault by six different botnets against Georgian government and media websites at 2:00 PM GMT on August 8. [5] As the conflict escalated so did the cyber attacks, and Russian hacktivists shut down the websites of the President of Georgia, the Georgian Parliament, the Ministries of Defense and Foreign Affairs, the National Bank of Georgia, and the online news agencies The Messenger and Civil.ge. To add insult to injury, the websites of the Ministry of Foreign Affairs and National Bank were defaced with digitally manipulated images of President Saakashvili juxtaposed against photos of the Nazi leader Adolph Hitler. [6] Defacing websites may have been mischief, but depriving the country of online media outlets during a military contingency is an unmistakable objective of information warfare, which was achieved, albeit temporarily.

The Georgian government had to react swiftly and creatively in the face of unfolding cyber disaster and the ensuing information blockade. With Google’s permission, the websites of the Ministry of Foreign Affairs and Civil.ge were temporarily transferred to the Blogspot domain where it was better protected against DDOS attacks. [7] On August 9, the small Atlanta-based Internet service provider Tulip Systems Inc., which is owned by the Georgian-born Nino Doijashvili, began to host the President’s website. [8] In a gesture of solidarity, the President of the Republic of Poland, Lech Kaczynski, graciously provided space on his website for the official press releases of the Georgian government. Meanwhile the Estonian government, which suffered from cyber attacks in 2007 (see below), provided substantial assistance by accommodating the website of the Ministry of Foreign Affairs and dispatching two information security specialists from its Computer Emergency Response Team (CERT) to help bolster Georgian cyber defenses. [9]

According to the account by Belarusian digital activism expert Evgeny Morozov, who pretended to be a Russian cyber foot soldier during the contingency, the coordination of the cyber attacks was largely carried out by an online hacker forum StopGeorgia.ru. Set up within hours after the Russian armed forces invaded South Ossetia, this forum featured a constantly updated list of target websites and encouraged visitors to download a free software program DoSHTTP, which allowed them to participate instantly in the massive DDOS attacks against the listed Georgian websites. [10]

On August 22, with the dual purpose of examining the cyber attacks on Georgia’s Internet infrastructure and clarifying questions related to possible involvement by the Russian government, the network security expert and cyber analyst Jeff Carr assembled a 100-member volunteer group of computer security, technology, and intelligence specialists to launch Project Grey Goose, an open source investigative initiative. [11] On October 9, Carr presented preliminary findings at a government conference organized by the defense contractor Palantir Technologies at Tyson’s Corner, Virginia. [12] According to the report of the project’s first phase, published on October 17, 2008, the investigative team was “unable in this round of collection/analysis to find any references to state organizations guiding or directing [cyber] attacks.” [13] At the same time, however, the experts issued the following caveat:

While Project Grey Goose did not uncover any Russian government/Hacker connections in its examination of the public Xakep.ru forum or the private StopGeorgia.ru forum, it is not reasonable to conclude that no such connection exists. The historical record shows clear support by members of the Russian government and implied consent in its refusal to intervene or stop the hacker attacks. [14]

Another important contribution of Project Grey Goose was that, contrary to a widely held view, it concluded that the cyber assault against Georgian websites did not consist primarily of DDOS attacks. The team led by Carr found evidence suggesting the use of simpler but equally effective SQL injection attacks, which exploit application level vulnerabilities of the MySQL software used by many websites to manage backend databases. These attacks overwhelm the targeted database with millions of junk queries, thereby rendering the corresponding server inoperable. From a hacker’s perspective, SQL attacks provide two main advantages. First, when used in combination with traditional DDOS attacks, they are extremely difficult to detect. Second, SQL injection attacks require far fewer computers to achieve the same objectives as DDOS attacks, which cannot be sustained effectively without botnets. As the Project Grey Goose report notes, the use of the SQL injection attacks “shows moderate technical sophistication, but more importantly, it shows planning, organization, targeted reconnaissance, and evolution of attacks.” [15]

In the end, the cyber attacks inflicted little damage because much of Georgia’s economy and critical infrastructure are still not integrated into the Internet. Only about 7 percent of the country’s population has Internet access and, according to some measures, Georgia occupies 74th place out of 234 nations, behind Nigeria, Bangladesh, Bolivia, and El Salvador. [16] Nonetheless, the grassroots campaign waged by the nationalist hacktivists galvanized into action with the help of Russian online hacker forums effectively disrupted the timely dissemination of information by the Georgian government and forced Tbilisi to seek alternative methods for getting its message out to the international community.

Case 2: Cyber Attack on Estonia
The cardinal difference between the cyber attacks on Georgia and the earlier assault on Estonia is that in the latter case the attacks had a more profound impact because the Estonian economy is fully integrated into the Internet. It would not be an exaggeration to state that this tiny country, with a population of 1.3 million people, has become a marvel in terms of widespread access to state-of-the-art communications technology. In order to appreciate the full extent of Estonia’s evolution as one of the most electronically advanced countries in the world, it is important to note that since November 2005 the Estonian government has shifted its operations to the virtual domain. Cabinet-level meetings are conducted online while documents are signed with e-signatures. As of March 2007, Estonian citizens could even cast their votes in national elections via their PCs. [17] Moreover, in 2007 Estonia was ranked 23rd in e-readiness ratings. Almost 61 percent of the population enjoys online access to its bank accounts, and 95 percent of banking transactions are electronic. [18] Such overwhelming reliance on the Internet was bound to attract the interest of Russian hackers, who were waiting for a pretext to test Estonia’s cyber defenses.

That pretext came with the Estonian government’s decision to relocate the monument commemorating the sacrifice of Soviet armed forces in liberating Estonia from the Nazi yoke during World War II. On April 27, 2007, the seemingly innocuous act of relocating the monument from the center of the Estonian capital Tallinn to a military cemetery outside the city sparked protests and riots among Estonia’s Russian minority. These protests were then followed by a barrage of DDOS attacks from Russia. A call for action, complete with specific instructions on how to participate in the DDOS attacks, quickly spread through Russian online chat rooms. Soon Estonian “government websites that normally receive 1,000 visits a day reportedly were receiving 2,000 visits every second.” [19] As a result, the websites of the Ministries of Foreign Affairs and Justice had to shut down, while Prime Minister Andrus Ansip’s Reform Party’s website was defaced with digital graffiti of a Hitler-style moustache scrawled across the Prime Minister’s photo. [20] More importantly, the Russian hacktivists managed to briefly disable the national emergency toll-free phone number 112; luckily, no accidents happened during its downtime. [21]

Both the United States and NATO sent teams of computer security experts to help the Estonian authorities cope with the massive wave of DDOS attacks that paralyzed the country’s government websites, banking industry, and media outlets. What struck many network security experts as unusual about the cyber attacks was that they lasted weeks and their intensity was extremely high. Some botnets employed in the DDOS attacks on Estonian websites included up to 100,000 “zombie” PCs. [22] The concerted efforts by its allies eventually stabilized Estonia’s situation, but intermittent cyber attacks on national government websites, including the State Chancellery and Federal Electoral Committee, continued well into the middle of May 2007. [23]

The cyber attack on Estonia led NATO to establish the Cooperative Cyber Defense Center in Estonia in May 2008. [24] Although its formal opening is planned for 2009, the Center, with a staff of 30 specialists, became operational in August. [25] The cyber defense center is part of a NATO network of 10 accredited Centers of Excellence dedicated to training representatives from alliance member countries “on technically sophisticated aspects of NATO operations.” [26] However, a recently revealed Estonian spy affair casts serious doubt on the usefulness of this center, at least as it is currently conceived.

Case 3: The Herman Simm Affair and Its Possible Fallout
In September, Estonian police arrested 61-year old Herman Simm, a high-ranking official at the Estonian Ministry of Defense, whom they accused of passing highly classified information on U.S. missile shield plans and cyber defense to the Russian Foreign Intelligence Service (SVR) in exchange for millions of dollars. [27] Described as the “most serious case of espionage against NATO since the end of Cold War,” the Simm affair demonstrates that the Russian government has undertaken aggressive intelligence gathering operations, particularly in the fields of missile and cyber defense. [28] As the head of the State Secret Protection Office, Simm was responsible for protecting Estonia’s most sensitive secrets. Recruited by the Russians in the late 1980s, Mr. Simm “became a proper agent for the Russian government in the mid-1990s,” according to the head of the Estonian parliamentary oversight commission on security services, Jaanus Rahumaegi. [29] At present, several investigation teams from the European Union (EU) and NATO are working feverishly in Tallinn under the supervision of a U.S. officer to assess the damage. A German official familiar with the investigation bluntly characterized the Russian penetration of NATO caused by Simm as a “catastrophe.” [30]

Motivated by greed, Simm operated with his wife, Heete, a lawyer who was previously employed at national police headquarters. Mr. Simm used a converted radio transmitter to schedule meetings with his handler, who posed as a Spanish businessman. Moreover, in 2003, the Estonian Prime Minister issued Simm a diplomatic passport, which allowed him to carry classified documents abroad. [31] It is unknown whether Mr. Simm had any other accomplices, but considering that for many years he oversaw issuance of security clearances for Estonian officials in the intelligence, military, and security agencies, such a possibility cannot be ruled out. Mr. Simm is expected to be arraigned next year. If convicted he faces between three and fifteen years in prison. [32]

What is particularly damaging about Mr. Simm’s treachery is that at the Ministry of Defense he was entrusted with the sensitive function of devising information protection systems for both NATO and the EU. In this capacity, Mr. Simm frequently headed the Estonian government delegation in talks on protecting classified data flows both in the EU and NATO. Described as being “at the cutting edge of NATO’s most important new strategic missions: to defend the alliance against cyber-attack,” Mr. Simm has perhaps fatally compromised the NATO Cooperative Cyber Defense Center. [33] In one possible fallout from the Simm affair, U.S. Department of Defense computers sustained a “severe and widespread” electronic attack as recently as the Thanksgiving week of November 24-28. [34] According to the few reports available in open sources, the attack, which may have originated in Russia, was spread by an intrusive piece of malware with the file name agent.btz. It was apparently designed to target military computer networks specifically. The cyber assault affected the networks of U.S. Central Command, including computers in the combat zones in Iraq and Afghanistan. It also penetrated one highly protected classified network. [35]

The gravity of the attack prompted the Pentagon leadership to issue a worldwide ban on the use of external computer flash drives, which were blamed for spreading the agent.btz malware from infected computers. [36] This, in turn, complicated information sharing among battlefield commanders in the theater of operations because they often rely on such drives. The seriousness of the challenge was reflected by the fact that the Chairman of the Joint Chiefs of Staff, Admiral Michael G. Mullen, personally briefed President Bush about the malware attack. [37] Meanwhile, in response, the U.S. Strategic Command, which oversees the military’s cyber defenses, elevated its information defense operations with what were described as “enhanced security measures.” [38]

Case 4: The Chinese Cyber Threat
China could also pose a formidable cyber threat due to a combination of factors, including the sheer number of Chinese Internet users. [39] In its annual congressionally mandated report on the Chinese military, the U.S. Department of Defense cited a number of examples demonstrating the global reach of Chinese cyber intrusions. According to the report, in Germany, the Vice President of the Office for the Protection of Constitution Hans Elmar Remberg openly accused China of carrying out computer network intrusions on an “almost daily” basis. In September 2007, French Secretary-General of National Defense Francis Delon publicly admitted that French government websites had been targeted by Chinese cyber attacks. [40] In November 2007, the director of the British intelligence service MI5, Jonathan Evans, warned representatives of financial services companies that they were targets of Chinese “state-sponsored computer network exploitation.” [41] At the time, it was suspected that Chinese hackers successfully obtained strategic plans and sophisticated risk management systems of Lehman Brothers, Britain’s Bradford & Bingley, and Iceland’s Landsbanki. [42]

It appears that as far back as 2005 the Chinese People’s Liberation Army (PLA) took an important step by forming “information warfare units to develop viruses to attack enemy computer systems and networks.” [43] Chinese military thinking in the area of computer network operations (CNO) incorporates different categories of cyber operations, including computer network attack (CNA), computer network exploitation (CNE), and computer network defense (CND) – all of which fall under the umbrella concept of integrated network electronic warfare. [44]

In 2007, Chinese hackers believed to be associated with the PLA carried out a notable attack on Pentagon computer networks, which lasted several weeks. They managed to overcome vigorous defense efforts put up by U.S. military computer experts and accessed the unclassified computer system that supports the Secretary of Defense. To avoid further damage, Pentagon IT security specialists were forced to shut down the network to carry out maintenance in an off-line mode. This incident prompted the creation of the National Cyber Investigative Joint Task Force, which is credited with the detection of the most recent Chinese cyber penetration of the White House computer network. The Financial Times reported in early November 2008 that Chinese hackers accessed the White House computer network on a number of occasions to steal e-mail messages between government officials. [45]

Because of the closed and authoritarian nature of the Chinese state and tightly regulated Internet use in China, it is difficult to imagine that sizable hacker communities can operate freely there without state oversight and control. Unlike their Russian counterparts, the actions of the Chinese hackers are more focused on achieving specific objectives, which include aggressive acquisition of commercial secrets as well as information on future weapons systems. Despite China’s status as the second largest U.S. trading partner, Beijing’s lack of transparency with regard to its military modernization and overall yearly increases in military expenditures raise Pentagon worries. The sphere of cyber warfare specifically represents “an area of growing concern,” according to the Deputy Assistant Secretary of Defense for East Asia, David Sedney. [46]

Conclusion
The rapid spread of information and communication technology will only magnify the threat of cyber warfare in years to come. The apparently Russian-based cyber attacks on Estonia and Georgia showed the importance of the emerging concepts of digital citizenship and digital activism, which defy state borders and raise thorny issues of dual (or split) loyalties. Under the cloak of plausible deniability and employment of non-attributable means of communication (i.e. no paper trails), the Kremlin could be tempted to use the vast hacker resources at its disposal to settle scores across the post-Soviet geopolitical space. Moscow’s keen interest in learning Western cyber defenses was once again recently highlighted by the disastrous Simm affair in Estonia.

China has been increasingly exhibiting an appetite for industrial espionage and aggressive intelligence gathering through cyber attacks both in the United States and Europe, and Beijing has been actively incorporating cyber warfare elements into its overall defense posture for some time. The United States, as the creator of the Internet, will have to spearhead the formation of a legal framework for this new challenge, complete with definition of vital terms and rules of the game. While the discussion of legal considerations goes beyond the scope of this article, it is obvious that the main tenets of conventional warfare embedded in the Geneva Conventions will have to be reformulated to take account of cyber warfare because it blurs such principles as proportionality, neutrality and distinction. Some semblance of order will have to be injected into the interconnected expanse of the Internet unless we want to witness a spiraling escalation of cyber attacks of increasing sophistication with lethal consequences for unsuspecting masses.

Alexander Melikishvili – Monterey Institute James Martin Center for Nonproliferation Studies

SOURCES AND NOTES
[1] Global Trends 2025: A World Transformed, National Intelligence Council, November 2008, www.dni.gov/nic/PDF_2025/2025_Global_Trends_Final_Report.pdf. [View Article]
[2] Ibid.
[3] Kim Hart, “Longtime Battle Lines Are Recast In Russia and Georgia’s Cyberwar,” Washington Post, August 14, 2008, http://www.washingtonpost.com/wp-dyn/content/article/2008/08/13/AR2008081303623_pf.html. [View Article]
[4] John Markoff, “Before the Gunfire, Cyberattacks,” International Herald Tribune, August 13, 2008, http://www.iht.com/articles/2008/08/13/technology/13cyber.php. [View Article] Thais Portilho-Shrimpton, “Battle for South Ossetia Fought in Cyberspace,” The Independent, August 17, 2008, http://www.independent.co.uk/news/world/europe/battle-for-south-ossetia-fought-in-cyberspace-899772.html. [View Article]
[5] Shaun Waterman, “Analysis: Russia-Georgia Cyberwar Doubted,” United Press International, August 18, 2008.
[6] Thais Portilho-Shrimpton, “Battle for South Ossetia Fought in Cyberspace,” see source in [4].
[7] Noah Shachtman, “Estonia, Google Help ‘Cyberlocked’ Georgia (Updated),” Wired Blog Network/Danger Room, August 11, 2008, http://blog.wired.com/defense/2008/08/civilge-the-geo.html#more. [View Article] Dumitru Minzarari, “The War of Words,” Transitions Online, August 15, 2008.
[8] Kristie E. Swartz, “Tulip Systems Tries to Keep Other Georgia’s Web Sites Safe,” The Atlanta Journal-Constitution, August 17, 2008, http://www.ajc.com/business/content/business/stories/2008/08/17/tulip_systems_georgia.html. [View Article]
[9] Jeremy Kirk, “Update: Estonia, Poland Help Georgia Fight Cyberattacks,” IDG News Service, August 12, 2008, http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9112399&
source=rss_news50. [View Article] Noah Shachtman, “Estonia, Google Help ‘Cyberlocked’ Georgia (Updated),” see source in [7].
[10] Evgeny Morozov, “An Army of Ones and Zeroes,” Slate, August 14, 2008, http://www.slate.com/id/2197514/.
[View Article]
[11] Russia/Georgia Cyber War – Findings and Analysis, Project Grey Goose: Phase I Report, October 17, 2008; Palantir Technologies, http://www.palantirtech.com/greygoose/. [View Article] Brian Krebs, “Report: Russia Hacker Forums Fueled Georgia Cyber Attack,” Security Fix, October 16, 2008, http://voices.washingtonpost.com/securityfix/2008/10/report_russian_hacker_forums_f.html. [View Article]
[12] Brian Krebs, “Report: Russia Hacker Forums Fueled Georgia Cyber Attack,” see source in [13]. “Palantir in the Wild: Palantir Government Conference,” Palantir Technologies, October 13, 2008, http://blog.palantirtech.com/2008/10/13/palantir-government-conference/. [View Article]
[13] Russia/Georgia Cyber War – Findings and Analysis, see source in [11].
[14] Ibid.
[15] Ibid.
[16] Renata Avila, “Internet and South Ossetia Crisis,” Global Voices, August 17, 2008, http://advocacy.globalvoicesonline.org/2008/08/17/internet-and-south-ossetia-crisis/. [View Article] John Markoff, “Before the Gunfire, Cyberattacks,” see source in [4].
[17] Cyrus Farivar, “Cyberwar I. What the Attacks on Estonia Have Taught Us About Online Combat,” Slate, May 22, 2007, http://www.slate.com/id/2166749/. [View Article]
[18] Johnny Ryan, “’iWar’: A New Threat, Its Convenience – and Our Increasing Vulnerability,” NATO Review, Winter 2007, http://www.nato.int/docu/review/2007/issue4/english/analysis2.html. [View Article]
[19] Clay Wilson, Botnets, Cybercrime, and Cyberterrorism: Vulnerabilities and Policy Issues for Congress, Congressional Research Service Report for Congress, January 29, 2008, http://fas.org/sgp/crs/terror/RL32114.pdf. [View Article]
[20] Binoy Kampmark, “Cyber Warfare Between Estonia and Russia,” Contemporary Review, Vol. 289, Issue 1686, Autumn 2007, http://findarticles.com/p/articles/mi_m2242/is_1686_289/ai_n24216009/pg_1?tag=artBody;col1. [View Article]
[21] “Russia: Estonian President Says Moscow Sees Democracy As A ‘Threat,’” Radio Free Europe/Radio Liberty, June 5, 2007, http://www.rferl.org/content/article/1076942.html. [View Article]
[22] See source in [18].
[23] See source in [17].
[24] Vladimir Socor, “NATO Creates Cyber Defense Center in Estonia,” Eurasia Daily Monitor, Vol.5, Issue 93, May 15, 2008. [25] “NATO Allies Sign Agreement on Cyber Defense Center,” International Herald Tribune, May 14, 2008, http://www.iht.com/articles/ap/2008/05/14/europe/EU-GEN-NATO-Cyber-Defenses.php. [View Article]
[26] See source in [24].
[27] Roger Boyes, “Russian Spy in NATO Could Have Passed on Missile Defense and Cyber-War Secrets,” Times Online, November 16, 2008, http://www.timesonline.co.uk/tol/news/world/europe/article5166227.ece; [View Article]David Leppard and Bruce Jones, “MI5 to Unravel Spy’s Treachery,” Times Online, November 23, 2008, http://www.timesonline.co.uk/tol/news/politics/article5213472.ece. [View Article]
[28] Roger Boyes, “Russian Spy in NATO Could Have Passed on Missile Defense and Cyber-War Secrets,” see source in [27].
[29] Ibid.
[30] Ibid.
[31] David Leppard and Bruce Jones, “MI5 to Unravel Spy’s Treachery,” see source in [27].
[32] Roger Boyes, “Russian Spy in NATO Could Have Passed on Missile Defense and Cyber-War Secrets,” see source in [27].
[33] Ibid.
[34] Julian E. Barnes, “Cyber Attack Has Pentagon Worried,” Chicago Tribune, November 30, 2008, http://www.chicagotribune.com/news/nationworld/chi-cyberattack_bdnov30,0,633998.story. [View Article]
[35] Ibid.
[36] Ibid.
[37] Julian E. Barnes, “Cyber-attack on Defense Department Computers Raises Concerns,” Los Angeles Times, November 28, 2008, http://www.latimes.com/news/printedition/front/la-na-cyberattack28-2008nov28,0,1970897.story. [View Article]
[38] See source in [34].
[39] As of February 2008, according to the Beijing-based research group BDA China, China boasted 220 million Internet users. For comparison, as of late 2007, there were 216 million Internet users in the United States. Calum MacLeod, “China Vaults Past USA in Internet Users,” USA Today, April 21, 2008, http://www.usatoday.com/tech/world/2008-04-20-Internetusers_N.htm. [View Article]
[40] Military Power of the People’s Republic of China 2008, Office of the Secretary of Defense, U.S. Department of Defense, March 3, 2008, http://www.defenselink.mil/pubs/pdfs/China_Military_Report_08.pdf. [View Article]
[41] Ibid.
[42] “BushHackers,” Financial Times, November 8, 2008.
[43] See source in [40].
[44] Ibid.
[45] Demetri Sevastopulo, “Chinese Hack into White House Network,” Financial Times, November 6, 2008.
[46] Julian E. Barnes, “Chinese Hacking Worries Pentagon,” Los Angeles Times, March 4, 2008.