Chinese Defense Ministry spokesman Geng Yansheng said the defense ministry and another major military website were the victims of about 144,000 hacking attacks per month in 2012.
The accusation comes a little more than a week after a 74-page report by American security firm Mandiant Corp. alleged a Chinese military unit has launched thousands of hacking attacks against U.S. companies and defense contractors since 2006 at the behest of the Chinese government.
“Our research and observations indicate that the Communist Party of China is tasking the Chinese People’s Liberation Army to commit systematic cyber espionage and data theft against organizations around the world,” reads the report which identifies the hackers as Advanced Persistent Threat 1 (APT1).
“Our analysis has led us to conclude that APT1 is … one of the most persistent of China’s cyber threat actors. We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support.”
China indignantly denied the report’s findings, dismissing it as inaccurate.
“Chinese law forbids hacker attacks,” Yansheng said. “The Chinese government has always resolutely combat-related criminal activities, the Chinese army has never supported any hacker activity.”
While China has been painting itself as the victim since Mandiant went public with its report, it was not until today that China has offered details of the hacks supposedly originating from the U.S.
“China’s Ministry of National Defense and military networks since its inception has been facing a serious threat of cyber attacks,” Yansheng said. “Cyber attacks in recent years (has) been an upward trend. IP addresses show that, in 2012, China’s Ministry of National Defense and military networks” suffered a monthly average of 144,000 “attacks from the outside. Attacks from the United States accounted for 62.9 percent.”
Yansheng also made note of the U.S.’s pre-emptive strike policy.
“The U.S. media recently reported that the United States will adopt the policy of “pre-emptive” cyber attacks, large-scale expansion of network warfare units, and the development of network rules of engagement,” he said. “The above practices are not conducive to the joint efforts of the international community to enhance network security. We hope that the United States is made to explain and clarify.”
It came to light last month that U.S. President Barack Obama has the authority to order either a pre-emptive strike or retaliatory attack against its cyber enemies.
A secret legal review was carried out by the government to identify its policy on responding to cyberattacks or the threat of one, officials involved in the review told The New York Times.
The rules, which have been deemed highly classified, lay out the roles of both the military and intelligence agencies in such situations. It is the job of the military to defend or retaliate while it is up to intelligence agency personnel to perform searches of foreign computer networks for indications an attack is imminent on the U.S. With the president’s authorization, intelligence officials can also attack enemies by infusing them with damaging code — even if no war has been declared.
The officials interviewed by The Times said the Pentagon has launched a new Cyber Command and, as the threat of cyberattacks continues to grow, so to will the military’s budget for computer network warfare. The officials, who spoke on the condition of anonymity, said the new cyberpolicies were governed in part by the nation’s counterterrorism policy — especially on the roles the military and the intelligence agencies will play in the use of cyberweapons.