Forget Alibaba: China’s Growth Story No One’s Talking About
There’s breaking news about China and cyberwarfare (AKA “the fifth domain of war”).
The news concerns serious hacking by China’s “3PLA” group — the 100,000-strong computer army that’s mostly responsible for what is referred to as “Chinese military signals intelligence.”
The latest targets of Chinese hacking include contractors who perform critical work for a major U.S. military command.
Looking ahead, I foresee significant new levels of funding for a small number of U.S. companies that know how to fight in this kind of dark room.
Let’s discuss what’s happening and how it’s investable. But first, let’s set the stage…
In a recent drive through New York City, my taxi driver — and I, to be sure — benefitted from what’s called the “Internet of Things.” That is, a network in which many things are connected and communicating with many other things.
Indeed, we’re well on the way to a world in which “everything” is connected to “everything else,” in a fashion.
…it’s relatively easy for a trained hacker to infiltrate networks of most civilian companies.
New York has bought into the “Smart City” concept that I discussed on July 1 in these pages (which you can read here: “The Greatest National Security Challenge of the 21st Century“).
All manner of cameras and sensors fed traffic data into an array of software. The software, in turn, supports open and restricted apps that assist people — taxi drivers, delivery trucks, public transit, cops, firefighters and more — in navigating to and fro.
Broadly speaking, the Internet of Things is a network that should make life and work easier. Then again, that same network may also be our downfall.
Indeed, there’s worrisome news. Two weeks ago, the Senate Armed Services Committee (SASC) released a report about Chinese military computer hackers.
Over a one-year period, SASC identified 20 successful breaches against data systems of companies that perform critical work for the U.S. Transportation Command (TRANSCOM).
In essence, TRANSCOM moves troops and equipment for the U.S. Department of Defense (DOD), as well as other government agencies, plus allies and partners.
To perform these movements, TRANSCOM relies, in large part, on an extensive network of companies. Specifically, TRANSCOM uses passenger and cargo airlines, ship operators, railways and trucking companies.
The SASC report does not specify hacked companies. However, per Bloomberg News, the list may include FedEx, Evergreen Holdings., A.P. Moeller-Maersk A/S, United Parcel Service and Neptune Orient Lines.
All of these firms have global operations, tied together by extensive computer systems, other hardware and vast amounts of software.
In other words, moving military people and cargo these days is kind of like taking a fast, efficient, data-assisted taxi ride from lower Manhattan to LaGuardia, but on a larger scale.
Pretty much all DOD computer networks are heavily fortified nowadays; it’s tough for outsiders to get in without triggering alarms. On the other hand, it’s relatively easy for a trained hacker to infiltrate networks of most civilian companies.
In fact, TRANSCOM has acknowledged that the structure of its communication system with outside vendors make these kind of non-military, non-hardened channels more vulnerable to cyberattack.
The recent SASC report noted at least 20 successful intrusions on behalf of the Chinese government. “These are just those intrusions of which TRANSCOM is aware,” according to the report.
According to SASC, the hacker breaches occurred between 2008 and 2013; most were in 2012. During the breaches, Chinese hackers stole emails, attachments, database compilations and other documents.
Hackers compromised “multiple systems” within merchant ships, as well — which could include remote engine controls, plus environment and navigation systems.
During intrusions, hackers compromised shipping companies’ passwords, security protocols, background credentials and personal identification numbers for encrypted email. One so-called “phishing” scam led a gullible TRANSCOM contractor to download an email with malware onto the network of an unnamed airline.
Where does it all lead?
The TRANSCOM hacking attacks match a well-established pattern of past security breaches that trace back to China. There, from innumerable locales, Chinese military personnel engage in surveillance and active measures against U.S. military and contractor systems.
Sad to say, U.S. security officials are often unaware of breaches as they occur; and sometimes only detect the hacking weeks, months or even years later… if ever.
In general, TRANSCOM contractors must report cyberattacks to DOD, per a standard clause in all vendor contracts. But according to the SASC report, many contractors are unsure about what cyberintrusions to report, and to whom. That is, each contractor could have a separate “stove pipe” reporting chain, with different rules about who gets a report, and under what circumstances.
…the Chinese government has made surveillance, espionage and cyberoperations a military priority.
According to SASC, “The reasons for TRANSCOM being unaware of intrusions affecting its contractors include a lack of common understanding between TRANSCOM and other DOD components about what cyberinformation TRANSCOM needs to know and misperceptions about the rules governing how cyberintrusion-related information identifying a particular victim may be shared.”
As U.S. contractors get hacked, it’s becoming crystal clear that the Chinese military is highly proficient and professional in its approach to cyberintrusion.
According to a recent report in The Wall Street Journal, the Third Department of the People’s Liberation Army’s General Staff Department (aka “3PLA”) is “China’s equivalent to the U.S. National Security Administration.” 3PLA monitors global communications for threats against China, as well as harvests information with “commercial opportunities.”
The WSJ noted that 3PLA has “operational units… spread out widely throughout China.” Its personnel are recruited “from elite specialist universities.”
The organization musters an “estimated 100,000-plus hackers, linguists, analysts and officers,” throughout a dozen military intelligence bureaus. 3PLA is structured to conduct “multiple sub-operations (which) divvy up responsibility according to geography and task.”
From every appearance, the Chinese government has made surveillance, espionage and cyberoperations a military priority.
All in all, it’s a very “Sun Tzu”-oriented approach to deception, and to defeating enemies without having to engage in raw battle, if you are a student of the ancient strategist.
When you follow news about the U.S. defense budget, there’s a great need to spend just to recapitalize traditional platforms, such as ships and aircraft.
There’s also pressing need for funds that have to go for new munitions. And now, it’s evident that cyberwarfare will begin to soak up more and more defense spending. We can’t afford not to spend on this aspect of the threat matrix.
Keep your eye on this space!
Ed. Note: Cyberwarfare… the Internet of Things… new hardware and software companies… these are all investable themes that are covered in-depth in the Tomorrow in Review daily e-letter. These are trends that are already changing life on this planet. Future generations will remember us by the investments we make today. You can’t afford to miss this. Click here now to sign up for Tomorrow in Review, for FREE, before you do anything else today.