Any modern country has a wide variety of assets to protect. Some of those assets are more necessary than others for the country’s security, welfare, and economy in general. Such critical assets include power grids, water supplies, public-transit systems, and telecommunications, to name a few. Critical infrastructure has to be protected from a wide variety of threats, both domestic and foreign. Given the nature of critical infrastructure, much of it is interconnected and interoperates through the use of technology—thus increasing the overall risk of possible threats.
As such, every country follows a variety of procedures and operations to minimize the risk of interrupting any critical infrastructure operations. It has to be mentioned here, though, that no one can completely erase the risk because, at any given time, there may be vulnerabilities in those infrastructures that we are not aware of.
As mentioned above, critical infrastructure holds huge significance for a country, and as such, these elements are considered HVTs (high-value targets) to enemies. The most convenient way to attack critical infrastructure is by using the Internet. Because of the nature of the target, attacks have to be carefully planned and specially “crafted” so that they can be carried out successfully. Such attacks are called advanced persistent threats (APTs). One of the most well-known APT attacks was delivered using Stuxnet, although that is not the only one.
Over the past few years, we have witnessed a lot of APT attacks against U.S. corporations such as Google, and even against U.S. government agencies. According to a report, most of these attacks can be traced back to China. China operates a group called PLA Unit 61398, stationed in Shanghai and directly associated with the CPC, and it is tasked with cyber-espionage operations. In September 2014, the FBI issued a warning regarding a more advanced cyber-espionage group dubbed Axiom. In May 2014, the U.S. DoJ issued an indictment for five PLA Unit 61398 officials.
Although at the time Unit 61398 and Axiom conducted their operations mostly for economic espionage, that doesn’t mean this will always be the case. Those units have an established record of excellence when it comes to APTs and infiltrating critical infrastructure. For example, there are allegations that the Chinese J-31 4th Gen fighter jet is a direct copy of the U.S. F-35 (below). At the same time, their ability to infiltrate networks gives them access to trade secrets, classified intel reports, ongoing operations, etc.
Infiltrating a network allows an attacker to halt operations or wreck motors. For example, during the Stuxnet operations, the Iranian nuclear-enrichment facility lost almost 1000 centrifuges. Of course, if that could be done to them, the same techniques could also be used on us. In other words, such an adversary is capable of shutting down power grids and water pipelines, or interfering with key transportation systems by exploiting SCADA (supervisory control and data acquisition) systems. Although a nation can recover from such attacks, attacking even one piece of infrastructure may cause secondary harm to other critical systems. Also, depending on the extent of the attack, chaos may spread among the country’s citizens.
On top of this, a lot of hardware used worldwide is produced in China. A report in The Guardian stated that an e-cigarette made in China was capable of infecting computers through its USB connection. This attack vector, although there are no indications that it is being used at this time, may be used by such units to attack corporations and critical infrastructure in the future. Given their wide variety of possible attack vectors and their known competency in building APTs, it is safe to assume that the Chinese cyber-espionage units are able to conduct cyber warfare and cause damage to critical infrastructure.
From an infosec perspective, the weakest link of any infrastructure is its users. Given that, historically, most APTs have successfully infected their targets by exploiting users through targeted emails, user awareness has to be addressed. An OPSEC model has to be used so that the user is constantly aware of possible threats. At the same time, security policies must address the threat of complicit insiders that might stray from established security protocols.
Summing everything up, Chinese units are capable of conducting a variety of cyber-espionage and cyber-warfare operations. At the same time, critical infrastructure security officers need to begin educating users properly so that they are constantly aware of potential threats.