Did China Cause 2003 American Blackout?

Posted June 1st, 2008 by Josh

When the American northeast went black in August of 2003, the official version of events was that a tree branch crippled a huge chunk of the American and Canadian power grids. This either seemed far-fetched, or utterly terrifying, depending on your point of view. Well, a new report from National Journal says that China’s “cyber-militia” may have been behind the event, and the overall implications are chilling:

There has never been an official U.S. government assertion of Chinese involvement in the outage, but intelligence and other government officials contacted for this story did not explicitly rule out a Chinese role. One security analyst in the private sector with close ties to the intelligence community said that some senior intelligence officials believe that China played a role in the 2003 blackout that is still not fully understood.

Perhaps even more startlingly, there have been assertions from American computer security experts that “China” (defined in the context as a military hacker) breached security systems again in February of this year and caused the Florida blackout, affecting 3 million Americans in the process.

I can still remember when the blackout struck, I was driving down the street in Brooklyn coming back from a minor league baseball game. It was less than two years after the 9-11 attacks, and people were extremely unnerved for the first few minutes, until people realized that it was not a terrorist attack. Or so we thought.

I don’t really want to get hung up on terminology, but the potential involvement of a foreign government in the biggest American electrical outage in nearly three decades is an extremely unnerving realization. During the Gulf War in the early 1990s, China began to understand how woefully behind its military was technologically. The government began to pour enormous sums of money into its army, and has since become one of the elite forces in the world.

Until I read this article, I was under the impression that China was still significantly behind America, but the enormous development of cyber-militias by the PLA could potentially change the dynamics of international military build-ups, much as the Gulf War did a generation earlier.

The Defense Department has been cautious in choosing its words, emphasizing that threats have come from China as a geographical entity rather than the actual government, but there are clear overtones:

“Numerous computer networks around the world, including those owned by the U.S. government, were subject to intrusions that appear to have originated within” the People’s Republic of China. Although not claiming that the attacks were conducted by the Chinese government, or officially endorsed, the declaration built upon the previous year’s warning that the People’s Liberation Army is “building capabilities for information warfare” for possible use in “pre-emptive attacks.”

Former CIA official Andrew Palowitch was not nearly as cautious in his comments in the article:

We are currently in a cyberwar, and war is going on today.

Is it possible that while the US was so worried about nuclear threats in Iraq that didn’t exist, tried to re-design the army into a “sleek” fighting force and talk tough with the world, that China identified, and is on the way to mastering, the next frontier of warfare? Sadly, the article reports that the Bush Administration may have been asleep at the switch until recently, arguably distracted by the ill-conceived Iraq “threat,” which was clearly less imminent than cyber-attacks:

Many security experts are surprised that the administration is only now moving to take dramatic measures to improve the security of government networks, because some Cabinet-level and White House officials have been warning about the threat for years to just about anyone who will listen.

Until McConnell, the national intelligence director, personally drove the point home to Bush in an Oval Office meeting in 2006, there was little top-level support for a comprehensive government cyber-security plan. “They ignored it,” one former senior administration official said flatly. “McConnell has the president’s ear.”

How dangerous is the cyber-threat? Reports indicate that experts have been telling Bush for years that the situation has disastrous potential for America, with serious action only being taken recently:

Lawrence Wright of The New Yorker reported earlier this year that McConnell told Bush during the 2006 Oval Office meeting, “If the 9/11 perpetrators had focused on a single U.S. bank through cyberattack and it had been successful, it would have had an order-of-magnitude greater impact on the U.S. economy.” According to Wright, the president was disturbed, and then asked Treasury Secretary Henry Paulson Jr., who was at the meeting, if McConnell was correct; Paulson assured the president that he was.

[Senior US counterintelligence official Joel] Brenner confirmed Wright’s account as “a true story.”

While there have been no widespread reports of specific “terrorism” of this sort, indications are that the tactics are already being used in a sinister way. According to the National Journal article, China’s military currently uses its elite hackers for everything from national security to business negotiating tactics:

Brenner, the U.S. counterintelligence chief, said he knows of “a large American company” whose strategic information was obtained by its Chinese counterparts in advance of a business negotiation. As Brenner recounted the story, “The delegation gets to China and realizes, ‘These guys on the other side of the table know every bottom line on every significant negotiating point.’ They had to have got this by hacking into [the company’s] systems.”

Bennett told a similar story about a large, well-known American company. (Both he and Brenner declined to provide the names of the companies.) According to Bennett, the Chinese based their starting points for negotiation on the Americans’ end points.

These revelations come on the heels of an admission by the Bush Administration concerning the computer of Commerce Secretary Carlos Gutierrez in December of last year:

…spyware programs designed to clandestinely remove information from personal computers and other electronic equipment were discovered on devices used by Commerce Secretary Carlos Gutierrez and possibly other members of a U.S. trade delegation, according to a computer-security expert with firsthand knowledge of the spyware used. Gutierrez was in China with the Joint Commission on Commerce and Trade, a high-level delegation that includes the U.S. trade representative and that meets with Chinese officials to discuss such matters as intellectual-property rights, market access, and consumer product safety. According to the computer-security expert, the spyware programs were designed to open communications channels to an outside system, and to download the contents of the infected devices at regular intervals. The source said that the computer codes were identical to those found in the laptop computers and other devices of several senior executives of U.S. corporations…

None of this is to say that other countries don’t engage in similar practices, although it is much more unusual to see firms using them in business negotiations. Furthermore, there is serious concern that these different breaches are not simply uncoordinated efforts, but part of a broader trend that is based in national security vulnerabilities made possible by the nature of globalization:

Intelligence officials now worry that software developed overseas poses another layer of risk because malicious codes or backdoors can be embedded in the software at its creation. U.S. officials have singled out software manufacturers in emerging markets such as, not surprisingly, China.

In other words, if your company’s security system is designed by a firm, even an American firm, which has many of its coders in China or other foreign nations, competitors might not even need to do much work to access your information. They might already have the keys.

None of this is particularly surprising given the seemingly paranoid view of Chinese toward Microsoft over the last several years. In mid 2007 China Daily published an op-ed entitled “Microsoft operating system caches secret surveillance programs on China?” Hmmm…wonder why they would think that…

All of this could have serious implications for both business and national security in America and throughout the world. It is hardly a revelation that Chinese companies are engaging in such tactics, as many leaders in the foreign business community will not put any information about negotiations on computers in China and are extremely cautious even when talking on the phone about industry secrets. However, the apparent wide-scale of deception must give pause to even the most cynical business people. And national security experts would be wise to wonder if China’s military is running far ahead of the US on the next frontier of warfare. America has some serious catching up to do.

[update: Stan over at China Hearsay thinks I'm nutty, and maybe he's probably right. But I bet he doesn't doubt that Chinese companies are willing to steal information electronically during negotiations. Or if he does I'll get another lawyer to handle my billion-dollar takeover deals.]

13 Responses to: “Did China Cause 2003 American Blackout?”

  1. Dan Harris responds:
    Posted: June 1st, 2008 at 8:15 am

    Great post.

    The US government recently raided one of my firm’s clients, accusing them of selling fake Cisco routers. The Feds have done this to many companies and the word is that the real concern is that these fake routers (some of which were allegedly sold to various US governments) were more than just routers; they were spying devices.

    Having said this, I have always just assumed that countries like China, the US, Russia, Israel, France, etc. have been doing things like this to each other and to others for years and years, mostly under the radar.

    Almost without exception, none of our Russian clients (both those in the United States and those in Russia) will discuss anything important over the phone; they assume the lines are bugged. Whenever I travel in China or Russia or Vietnam, I act as though someone is listening to me. I am not saying someone is, but I do think it is safer just to assume it.

  2. stuart responds:
    Posted: June 1st, 2008 at 11:41 am

    Thought-provoking, indeed.

    Surely, if China’s role in the blackout was verified, it could be regarded as - cyber or otherwise - an act of war.

    I would also be prepared to call it ‘interference in another country’s internal affairs’.

  3. Pete Braden responds:
    Posted: June 2nd, 2008 at 9:56 am

    Excellent post. I had basically written off the Carrefour website hacking and other such manipulations as the pranks of a ton of sexually frustrated young men. Which they are.

    But they are also a grave omen of the future face of warfare. The deniability is the scariest part.

  4. hopi responds:
    Posted: June 2nd, 2008 at 11:42 am

    I find the article a bit paranoid, especially in terms of the business arena. There are far easier ways (not necessarily ethical ways though) to find out negotiation bottom lines than hacking. People switch jobs all the time, maybe an employee of the Chinese company once worked at another company that negotiated against the American company. It’s also possible that the Chinese negotiators were just really good, they did their homework, and did an accurate assessment of the market. Who knows, there are many potential scenarios. I find it odd that these people believe the Chinese hacked without proof. I’ve worked with the Chinese and it seems most are way too busy tending to the redecoration of their new home, following the latest real estate market trend, and thinking about fun places to hang out, to just sit there and think about the most sinister ways to win an upper hand in negotiations. Most Chinese seem to be decent people. This is not to say that there aren’t bad Chinese apples, but it’s weird that they are always thought of in the worst light.

    That said, I certainly would hope that both governments are improving their cyber security to protect confidential information and cyber infrastructure. They owe it to their people.

  5. China Hearsay: China law, business, and economics commentary responds:
    Posted: June 2nd, 2008 at 8:00 pm

    [...] has generally been circulated much more than it deserves. Even the normally cynical and skeptical Josh blogged about this story in a seemingly sincere and non-sarcastic way (I could be wrong, [...]

  6. Jing responds:
    Posted: June 2nd, 2008 at 9:01 pm

    Sadly no, China had nothing to do with the U.S. blackout of 2003 or likely the Florida one.

    http://blog.wired.com/27bstroke6/2008/05/did-hackers-cau.html

    “So China would have to have planted the race condition in a product used around the world, then, using the most devious malware ever devised, arranged for trees to grow up into exactly the right power lines at precisely the right time to trigger the cascade.”

    This is nothing more than paranoid conspiracy crafting by kooks and frothing at the mouth neo-cons.

  7. Falen responds:
    Posted: June 3rd, 2008 at 4:56 am

    Are you intentionally ignoring the sentence that says “…did not explicitly rule out a Chinese role.” Like they didn’t “explicitly rule out” Osama Bin Laden, Alien, etc etc… That’s a warning bell that tells me “bad journalism.” And just like that, this article is full of innuendos and short on real proof linking China to the break-in. They have

  8. Ying Jia responds:
    Posted: June 3rd, 2008 at 1:22 pm

    A Harris & Moure / China Law Blog client raided for selling fake Cisco product? Way to go Dan. Ya gotta just lurve that hourly billing.

  9. Leo responds:
    Posted: June 4th, 2008 at 1:45 am

    To name a few facts:

    When the recent earthquake came to China, the Chinese earthquake authorities’ announcements were always 10-20 min later than those of the American. The Chinese public charged the authorities with hiding the information while the authorities could only reply that they had done their best.

    After the quake the Chinese government sent in the troops and helicopters. The helicopters could not land in the epicenter because they had no local coordination. A Chinese student sent her data of coordination and won the praise of the official press. Her data were based on the Google Earth.

    A few days ago a PLA Mig-171 was down during the rescue operation. The authorities sent more than 10,000 military and civilian personnel to search the area and promised 10,000 RMB award, dead or alive. The Mig-171 was not equipped with devices to send out positioning signal, which is a minimal requirement for the US military, as well as a little more sophisticated civilian, aircraft.

    Now you tell me the PLA launched a cyber attack on the US and was caught doing so. Are they retarded?

  10. hehe responds:
    Posted: June 4th, 2008 at 7:53 pm

    Leo,

    He is not retarded, he is too smart at least he thinks he is.

  11. Ying Jia responds:
    Posted: June 6th, 2008 at 3:38 pm

    Cyber-terrorism cynicism conspiracy theories so dodgy American lawyers can scare their naive local clients into spending more money with them on legal protection. “China bad. You need to hire me to keep you out of trouble from those communists”. Go see http://www.chinalawblog.com and see how much Dan Harris and his gang of Seattle ambulance chasers REALLY love China.

  12. Josh responds:
    Posted: June 9th, 2008 at 7:20 pm

    Never thought of Dan as an ambulance chaser…although he does claim to be a good athlete.

    And is the theory that I’m scaring people so they hire Dan? I’m confused.

  13. mike responds:
    Posted: June 11th, 2008 at 11:08 am

    “China” don’t do shit!

    This is an endless, ongoing problem. There are two ways this accusation could be phrased:

    1) Pimply garage-based independent hackers launched attacks.

    2) Special PLA elite cyber-warfare units launched attacks.

    Funny how often stories are worded to imply #2, while buried somewhere down in the story is the caveat it’s really #1? I figure about half political-journalistic sensationalism, half cognitive shortcut.

    Bloggers should really have a ban on putting “China” as the subject of any non-descriptive sentence. As if the country is some monolithic entity that does things!
