Persistent Threat Historical Background of Research Paper

Excerpt from Research Paper:



According to Toronto Star reporter Stephan Handelman, in an article printed in 2005, senior U.S. intelligence analysts consider China to be the greatest long-term threat to U.S. stability. China's military force and computer intelligence have reached their peak. Both the Europeans and the U.S. agree that the expansion of the Chinese military is more than "worrisome."

Another article, posted on November 16, 2007 by the Washington Post, claims that spying by China in the United States is the biggest threat to keeping American technologies secret. Advances by the Chinese military are catching U.S. intelligence officials by surprise. It has also been suggested that the U.S. Department of Defense could inadvertently outsource the manufacturing of key weapons and military equipment to China. China is attempting to reverse its move into free markets by setting up state-owned enterprises and control over the 12 major industries, which include oil, telecommunications, shipping, automobiles, steel and information technology.

The PLA has developed a strategy called "Integrated Network Electronic Warfare," which is said to be guiding the employment of CNO, as well as related information warfare tools. The strategy consists of using network warfare tools and electronic warfare weapons against enemy information systems. One of the main goals of the PLA is to achieve information dominance at both the strategic and the campaign levels, according to the Science of Military Strategy and the Science of Campaigns. It is important that the PLA make the transition from a mechanized force to an information force in order to win local wars against an enemy with a greater technological advantage, such as the United States. A strong warfare capability to control an enemy's access to its own technology is extremely important to winning.

PLA Information Warfare Planning

In order to fight a technology war effectively, it is important to be able to accurately assess the likely impact on the adversary of a CNA strike on any given asset. This type of assessment depends on various network dependencies. In other words, planners need a good handle on the center of operations and must choose targets to strike in sequence: organize the enemy's weaknesses and arrange to take them down one by one. This requires knowledge of the enemy's entire operational system and procedures. Mission planners should have a clear understanding of enemy network dependencies in order to break their line of defense. The CNA will also have a clear understanding of cultural and military sensitivities surrounding an attack.

Chinese Computer Network Operations During Conflict

PLA Commanders have CNO available during times of conflict even though the PLA rarely discusses CNO. CNO can be compared to missiles or air power. It is important to understand how the CNO could be used in support of larger campaigns. To do this, one must understand CNO in proper context. The strategy of CNO is simple: denying an enemy access to information systems, which are critical for combat operations and analysis of enemy weak points.

Chinese military leaders are typically influenced by their culture and traditional strategies; they have shown a willingness to use great force and strength in situations where the PRC was considered weaker. In some cases, conflict will be less costly at a later date in conditions that are less favorable to China. This logic seems unusual to Western cultures, but it reflects the ever-changing strategic conditions. Both PLA and PRC leaders use this same logic and strategic planning, particularly in weapons planning.

The PLA uses CNO with EW weapons as a joint campaign capability. CNO is used for obtaining information, while providing opportunities for air, ground and naval forces to act upon. In a military crisis between China and the U.S., CNO would most likely be used to make repeated attacks against the U.S. Department of Defense. These types of attacks are typically used to gather and degrade U.S. information and support systems so that the PLA may achieve its overall objectives. Both CNO and IW weapons may help delay the U.S. military weapon response without requiring direct combat with U.S. forces, which are far superior.

The Logistics of Networks and Databases in a Conflict

In assessing U.S. campaigns in Iraq (Desert Storm and Operation Iraqi Freedom), weak points can be identified in force deployment and logistics. On the flip side, defeating the U.S. logistics systems will not likely help defeat the U.S. military, but these types of disruptions will help buy the PLA (or attacker, whoever they may be) time. Time is important in battle and can decide whether an enemy is defeated or wins.

Items of interest regarding logistics include specific unit deployment schedules, the rate of re-supply as well as scheduled material movement, assessments of unit readiness, lift availability and scheduling, maritime pre-positioning plans, air tasking orders for aerial re-fueling operations and the logistic status of bases in the Western Pacific theater. Maintaining effective movement control during times of major mobilization can be extremely difficult and complex by nature. Major delays can be created by causing disruption to information systems at key nodes, with an emphasis on shipping terminals and airports. This would cause the affected destination to stop production.

If the PLA can compromise just one weak password by logging in or exploiting SQL injection vulnerabilities, many logistics databases could easily be compromised with what is considered to be relatively easy access. By having continual access to NIPRNET using CNA techniques, as well as to logistics information, which support the TPFDD for different war plans, this would allow the PLA to put together a detailed intelligence picture of the intended U.S. force deployment.

The basic PLA strategy against NIPRNET logistics is likely very simple. It is speculated that it is a combination of attacks on specific network segments, which do not authenticate common Internet traffic through a proxy server, before leaving the network. By doing this, they will be able to operate much more freely within the network. An attacker in this type of situation can connect to a remote C2 node to download additional tools and can infiltrate data without the requirement of having valid user credentials.

There have been reports of China attacking U.S. networks in the past. These reports suggest that the individuals operating these procedures specifically target the competence to identify specific users within a unit or an organization, based on particular job functions or presumed access to information. If an attacker is able to penetrate or exploit legitimate user credentials, the attacker will be able to review file directories while potentially targeting specific files to alter, but this is all dependent on specific mission requirements and the U.S. INFOCON levels. These attackers can also access passive monitoring information for network traffic, which would be used for intelligence collection purposes. The utilization of these machines and strategies during times of peace may enable attackers to prepare a reserve of compromised machines, which would be used during crisis.

Chinese CNO operators probably possess the technical sophistication to build and upload a rootkit, while converting remote access software and creating deep persistent access to whatever host is compromised. This makes their detection extremely difficult if not nearly impossible. An attack on the logistics support provided to operational units by way of what is referred to as an "upstream" attack on the networks of civilian contractors has the potential for a greater impact, while being potentially easier against the smaller companies that usually lack sufficient resources or the expertise for sophisticated network security and monitoring. Many of these vulnerabilities, which I have outlined above, could be minimized if the network were to use a proxy server, implement firewalls, block proxy access without valid user identification and prevent user credentials from being exposed to the attackers.
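The following is an added example, not part of the original paper: a defender-side audit for the two gaps described above, web traffic that leaves a segment without passing through the proxy, and proxy requests served without a user identity. The log formats, address ranges and function names are assumptions made for the example, and the log lines are constructed.

```python
import ipaddress
from collections import defaultdict

# Constructed sample data: the internal range, proxy address and log lines
# are assumptions for this example, not values from the paper.
INTERNAL_NET = ipaddress.ip_network("10.20.0.0/16")
PROXY_IP = ipaddress.ip_address("10.20.0.10")
WEB_PORTS = {80, 443, 8080}

# Hypothetical firewall log format: "<time> <src_ip> <dst_ip> <dst_port> <action>"
FIREWALL_LOG = """\
2010-03-01T02:14:07Z 10.20.4.31 203.0.113.45 443 ALLOW
2010-03-01T02:14:09Z 10.20.0.10 198.51.100.7 443 ALLOW
2010-03-01T02:16:02Z 10.20.7.12 192.0.2.80 80 DENY
2010-03-01T02:17:30Z 10.20.9.5 10.20.3.3 443 ALLOW
"""

# Hypothetical proxy log format: "<time> <client_ip> <user or -> <host>"
PROXY_LOG = """\
2010-03-01T02:14:09Z 10.20.5.2 jdoe updates.example.com
2010-03-01T02:18:11Z 10.20.6.77 - files.example.net
"""

def direct_egress(firewall_log):
    """Map each internal source to allowed web flows that bypassed the proxy."""
    findings = defaultdict(list)
    for line in firewall_log.splitlines():
        parts = line.split()
        if len(parts) != 5:
            continue  # skip malformed records rather than guessing
        _, src, dst, port, action = parts
        src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        if action != "ALLOW" or int(port) not in WEB_PORTS:
            continue  # blocked or non-web traffic is out of scope here
        if src_ip not in INTERNAL_NET or dst_ip in INTERNAL_NET:
            continue  # only internal-to-external flows matter
        if src_ip != PROXY_IP:
            findings[src].append((dst, int(port)))
    return dict(findings)

def unauthenticated_proxy_use(proxy_log):
    """Return client IPs that the proxy served without an authenticated user."""
    rows = (line.split() for line in proxy_log.splitlines())
    return [r[1] for r in rows if len(r) == 4 and r[2] == "-"]

if __name__ == "__main__":
    print(direct_egress(FIREWALL_LOG))
    print(unauthenticated_proxy_use(PROXY_LOG))
```

Any source address reported by `direct_egress` sits on a segment where the firewall should be changed to allow outbound web traffic only from the proxy.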

Another way Chinese CNO operators may compromise the U.S. is by uploading invalid information (or false records) without the U.S. knowing, or by corrupting current user files and records in an attempt at intentional detection. Discovering this type of file corruption would require manpower and an intense, resource-heavy review of the targeted unit's database records, as well as other files, which would in turn create very costly operational delays. If this type of attack were made against several large or critical supply nodes, there would be a significant impact.

If a NIPRNET-based logistics database were to be compromised and files uploaded or current files exploited, it would require that PLA operators compromise a computer on the targeted LAN and be able to operate with the user's credentials. This capability has been observed in previous U.S. network intrusion attempts. These types of past compromises or attack attempts can be attributed to China in many instances.

If this type of attack were to be detected, there may be a greater impact on U.S. forces regarding the perception management and psychological operations. This would have a greater impact than…

Cite This Research Paper:

"Persistent Threat Historical Background Of" (2010, March 31) Retrieved December 4, 2016, from http://www.paperdue.com/essay/persistent-threat-historical-background-1223