The Canadian report on the China-based spy ring, the Shadow Network, is careful to avoid directly saying Beijing is behind its activities. That’s because in cyberspace — where electronic identities are routinely faked and stolen and electronic pathways easily disguised — definite proof is impossible.
But few in either the Canadian team or the Indian security establishment doubt the ring had official sanction.
The circumstantial evidence is strong.
Says Canadian cyber-sleuth Ronald Deibert: “We have evidence that suggests that the attackers came from Chengdu in China. There’s a known PLA (People’s Liberation Army) facility in that city. So, it would be foolish to ignore that connection.”
Then, the documents stolen were of the type that interest governments most. As last year’s report on the Chinese e-surveillance ring, GhostNet, notes: “Many of the high confidence, high-value targets that we identified are clearly linked to Chinese foreign and defence policy, particularly in South and South East Asia.”
And finally, the Shadow Network “checked in” with a command and control server in Chongqing, a known centre for Chinese mafia groups, the Triads. Triads, the report states, “have significant connections to the Chinese government and the Chinese Communist Party”. Intelligence agencies often use criminal organisations as fronts for their own work. For obvious reasons, Triads are favoured by Beijing.
Governments across the world have privately complained to Beijing about many of these attacks. A senior European diplomat described how, after one such attack, his head of government remonstrated with Chinese leader Hu Jintao, who promised: “It won’t happen again”.
Why does China invest so much in offensive cyber capability?
Chinese military strategists are obsessed with “ruan cuihui” — soft destruction. This focuses on using computer viruses and electronic interference to strike an enemy’s military information systems. China’s strategic literature often speaks of carrying out dianzi Zhenzhugang — “an electronic Pearl Harbour”.
Chinese officials like to tell other countries that India is too weak to be a matter of concern. Nonetheless, as China security analyst DS Rajan had once noted, the PLA’s Liberation Army Daily website provides daily updates on the arsenals of only six countries: the US, Russia, Taiwan, Japan, the UK and India.
Beijing has also been surprised at the rise of India’s software prowess. A Chinese leader some years ago told his Indian counterpart: “We are ahead of you in everything — except software.”
Developing electronics warfare capability against India follows automatically. “We are a logical target for Chinese cyber-attacks,” says K. Santhanam, former number two of the DRDO.
It is also hard to underestimate how paranoid Beijing is of the Dalai Lama and the Tibetan diaspora in India. The Chinese establishment rates the fragmenting of the country by “splittists” — a term for separatists — as the number one threat to their country.
No surprise then that GhostNet and Shadow Network targeted Tibetan circles in India — and the establishment Chinese perceive to be their mentor.