Two weeks ago, Admiral Mike Rogers, head of U.S. Cyber Command and the director of the National Security Agency, told a congressional panel that China and “one or two” other countries would be capable of mounting a cyberattack that could shut down the power grid or other critical infrastructure. In addition, over the last two years, there have been a number of public reports that China-based hackers broke into industrial control systems (ICS). UglyGorilla, one of the five People’s Liberation Army hackers indicted by the Department of Justice, reportedly hacked into the computers of a public utility in the northeastern United States, perhaps to map the system in preparation for a future attack.
As with previous U.S. claims, the Chinese have fiercely denied that they hack at all, much less into industrial systems. But in one of the denials, there is an interesting insight into Chinese concerns about U.S. capabilities. This article in Chinese points out that these claims have been made before and are part of the “China threat theory,” efforts by Congress, the Defense Department, and others to paint China as a threat to the international order. The novelty and importance of the claim, the article argues, is that Rogers is its source. The article asserts, in a roundabout way, that this is evidence that the United States is capable of hacking into China’s power grid. No one knows what cyber capabilities China possesses, and so if Rogers is worried about someone hacking into U.S. critical infrastructure it is because he knows that Cyber Command can do it to others.
More concrete evidence of this concern is clear in the announcement this week that China is establishing its first laboratory to work on information security for industrial control systems (the story was also covered with the headline, “China’s Industrial Control System Information Security System is Grim“). According to the announcement, over 80 percent of China’s economy and critical infrastructure involve some type of industrial control system. These systems are vulnerable to attack for at least three reasons: operators have low security awareness and ICS are connected to the Internet; Chinese industry is heavily reliant on foreign suppliers for ICS and these suppliers have access in order to service or update software; and the country lacks a testing range or simulation environment to prepare for and defend against attacks. The laboratory is meant to address all of these weaknesses.
Read full article HERE