Forgot your password?
typodupeerror
China Security The Military IT

US and China Held Secret Cyber Wargames 71

Posted by samzenpus
from the now-you-hit-me dept.
judgecorp writes "Despite the accusations that have flown both ways between the countries, the US and China have co-operated in wargames, held in secret in Beijing and Washington, designed to head off escalations in hostilities. From the article: 'During the first exercise, both sides had to describe what they would do if they were attacked by a sophisticated computer virus, such as Stuxnet, which disabled centrifuges in Iran's nuclear program. In the second, they had to describe their reaction if the attack was known to have been launched from the other side.'"
This discussion has been archived. No new comments can be posted.

US and China Held Secret Cyber Wargames

Comments Filter:
  • "Describe what they would do if they were attacked by a sophisticated computer virus... [or] their reaction if the attack was known to have been launched from the other side."

    Doesn't sound like wargames to me, sounds like a thinktank. Although it's a promising start and may end up with something like the START [wikipedia.org] treaty.

  • by Alex Belits (437) * on Tuesday April 17, 2012 @11:02AM (#39710567) Homepage

    US: We send you a group of spies with Stuxnet virus on USB drives.
    China: Virus was incompatible with our hardware and software, we caught your spies and keep them in prison forever.

    China: Our spies stolen Outlook password while your diplomat was emailing our documents to CIA. We discovered that the same password works on all VPNs in CIA and NSA where your spy-diplomat had an account, and got encryption keys for all your drones in the Middle East.
    US: You can't, we have Norton!

  • Now I get it. (Score:5, Interesting)

    by Errol backfiring (1280012) on Tuesday April 17, 2012 @11:03AM (#39710585) Journal
    And, as a reaction, they outlawed the internet entirely with SOPA / CRIPPA / Heaven knows what the law is called today?
  • by cold fjord (826450) on Tuesday April 17, 2012 @11:09AM (#39710661)

    Sounds like a form of what are referred to as "confidence building measures" taken in various treaties aimed at reducing arms or reducing the chance of war. Interesting form though.

  • SlowNewsDay (Score:4, Insightful)

    by LostCluster (625375) * on Tuesday April 17, 2012 @11:09AM (#39710663)

    What we have here is a pen-and-paper exercise between two groups of bigwigs where there were asked a few questions about what they would do, and we have no idea if they answered truly or not. What is this story doing here? We must not have anything to talk about today.

    • Re:SlowNewsDay (Score:5, Insightful)

      by mlts (1038732) * on Tuesday April 17, 2012 @11:28AM (#39710855)

      I would disagree. The more communication the US has with China, and the more diplomatic friction is handled by other methods, especially in the computer intrusion department, the less chance there would be of a Sino-American war. Trust me, if people thought the Middle East was bad, it would be nothing compared to the Pacific Rim destabilizing.

      The good thing is that both the US and China want to survive, and are more interested in keeping their cities and next generations intact than blind ideology. Neither nation is interested in a war with the other.

      If the pissing contests are sorted out via wargames or a 2x2 Arena team in WoW, all the better. Better that than ICBMs.

      • The more communication the US has with China

        Who said this was communication? This was barely a "wargame" and not something worth our time.

      • China is waiting for the collapse of the US, Roman Empire style without an (international) shot fired. Once they pick up the final paroxyism signified by the Cheetos and Chrystal Meth mushroom cloud, they can crack open the seal on the World Domination plans. The (lumm)ox is slow, but the earth is patient.
        • Too bad when the US collapses it will take China and whole lot of other countries down with it. The more dialog between the US and China is a good thing. China is more dependant on the US then the US is on China. They produce nothing that cannot be acquired elsewhere or produced domestically. And contrary to most people's beliefs the US still commands the highest GDP and is still the #1 manufacturer in the world. China's appeal was it's cheaper exports but with other countries in the region finally getting

      • by Chris Burke (6130)

        If the pissing contests are sorted out via wargames or a 2x2 Arena team in WoW, all the better. Better that than ICBMs.

        Whoa, I don't think so! Having the teams on either side of an Arena match with access to ICBMs is a terrible idea for preventing nuclear war.

    • by Spykk (823586)

      What we have here is a pen-and-paper exercise

      GM: "Your party is enriching uranium when suddenly one of your centrifuges begins accelerating outside its operational parameters. How do you react?"
      China: "We cast clairvoyance on the US to see what technology they use to respond to this issue."
      US: "We summon a tarasque in the middle east and shout for everyone to look over there."

  • by dryriver (1010635) on Tuesday April 17, 2012 @11:19AM (#39710751)
    For Cyberwarfare to be able happen to begin with, critical IT systems on both sides would have to be connected to the Internet, right? Question: Why are those critical IT systems connected-to/reachable by Internet to begin with? Wouldn't you keep those systems AWAY from the Internet, and connect them together using some custom-laid fiberoptic WAN or something? Wouldn't you - for security's sake - maybe use custom CPUs/OSs on those systems that aren't even available on the free market? (i.e. having Intel or AMD or ARM manufacture a few thousand non-X86 compatible custom CPUs for you... running a custom-flavour of Linux on them that isn't compatible with the original Linux at all).
    • Re: (Score:3, Funny)

      by Anonymous Coward

      TOO MUCH COMMON SENSE!! Terrorist threat level: RED

    • by schlachter (862210) on Tuesday April 17, 2012 @11:53AM (#39711211)

      For Cyberwarfare to be able happen to begin with, critical IT systems on both sides would have to be connected to the Internet, right? Question: Why are those critical IT systems connected-to/reachable by Internet to begin with? Wouldn't you keep those systems AWAY from the Internet, and connect them together using some custom-laid fiberoptic WAN or something?

      Systems communicate across the country and sometimes across the world, and their location might be dynamic. It's not possible/practical to have custom fiber everywhere.

      Wouldn't you - for security's sake - maybe use custom CPUs/OSs on those systems that aren't even available on the free market? (i.e. having Intel or AMD or ARM manufacture a few thousand non-X86 compatible custom CPUs for you... running a custom-flavour of Linux on them that isn't compatible with the original Linux at all).

      It's an almost certainty that there are industrial and foreign spies at Intel, AMD, and nearly every major tech company in the US. And even if that weren't the case, foreign countries have ways of getting people to cooperate, especially when members of their family live abroad. Not sure it's as simple as you think.

      • Re: (Score:3, Interesting)

        by Anonymous Coward

        I think it is pretty much a given. Although I have seen a couple of companies (not intel or AMD) who take this very very seriously. I was surprised when I dealt with a company that flat out said "You are associated with China , we are not going to do business with you". On the other hand , I saw evidence that a Chinese national copied all of a companies R&D files a month before he went to China. Nothing was done. You may also ask why in the hell he had access to all of that information. Well I th

    • by vagn (2168)

      Thing is, if it is reachable by carrier pidgeon it is on the internet.

      *infiltraor required for full effectiveness
      **infiltrator sold separately
      ***not legal in all jurisdictions

    • by Anonymous Coward

      If you didn't miss it, stuxnet targeted PLC, which is different from x86. That didn't stop stuxnext which was a targeted attack.

      Custom hardware doesn't stop targeted attacks if you know the about the hardware and software. It is also extremely expensive to have custom made hardware for each system. Your "advice" is no different from what they are already doing and that was of no help. Their custom software was security prone as it didn't have enough push to secure and fix security problems until now. A cust

    • by k6mfw (1182893)
      probably because paradigm these days is have all computer stuff online. i.e. database services, put your pics on Flickr, Facebook, Cloud Computing, twitter, etc. Really, talk with most people and when you mention you have computer systems that are not connected to the internet, they will give you this deer-in-the-headlights look. I heard even Windows 7 systems have to be online (though I am not fully aware of details) reason that OS occasionally has to "phone home" to be sure it is not a pirated copy. This
    • by tlhIngan (30335)

      and connect them together using some custom-laid fiberoptic WAN or something? Wouldn't you - for security's sake - maybe use custom CPUs/OSs on those systems that aren't even available on the free market?

      And you, the taxpayer then immediately questions why the government is spending billions of dollars on a private fiber connectivity links and paying $5000 for hardware when they could be spending only millions and hundreds using COTS stuff. Government is so wasteful!

      Hell, I'm sure the ire of /. is raised sh

    • Why do you assume that cyber warfare requires Internet access when the most salient example of modern cyber warfare, Stuxnet, was spread through USB keys? We should airgap utilities and stuff like that, but at the end of the day, cyber warfare will probably involve agents (spies) planting software onto the other sides' hardware. Or spies just turning information over to the other side. I mean, it's like the flip side of encryption and the five dollar wrench. You can give a million bucks to the guy who knows

    • by f3rret (1776822)

      I imagine there are probably some of that going on, the "dedicated lines" thing I mean.
      The problem is that by its very nature there are some elements of the global telecommunications network that cannot be 'away from the internet', like core routers plugged into high-capacity backbone lines, like you cannot have the end points of a transoceanic fiber be 'away from the internet', and I doubt any army having to build a global communication network will want to lay their own private transoceanic cables.

  • by Anonymous Coward

    Did it end in global thermonuclear war?

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Actually, it ended with a game of Tic-Tac-Toe.

  • They weren't boozing and whoring it up in Columbia. They were MacGyvering at Secret Cyber Wargames. They needed the hooker for the elastic straps in her bra, as the key ingredient of their hotel made laser canon.

    They can't let the truth get out, because, it is, like, you know, secret.

  • by wbr1 (2538558)
    If you think either side gave away thier true responses then you sirr are either naive or an idiot.
  • Has this turned into a military style of "who's got the bigger pen0r?"
  • So they finally checked their command centers and found that they have something in common.
  • ... certainly is what this is about, although analysing the others capabilities is probably at least as important as the confidence-building part.
  • by DaneM (810927) on Tuesday April 17, 2012 @12:51PM (#39712015)

    So, am I the only one wondering just how there's any guarantee whatsoever that these "descriptions" represent full disclosure and complete accuracy? How about this:

    China: We got your NSA admin login(s) through a botnet we planted in the USA, which eventually made it into your office. (Reality: we have a mole in your office who installed surveillance devices and then told us all the logins he could determine.) We then upload lots of spy/malware and own (all) your base.
    USA: We use our custom-made antivirus software (AKA Norton Antivirus or some other junk, probably) to scour our system of all your malware. (Reality: you really just found our honeypot. Now your attack computers are being used to feed malware into your systems. By the way, the mole is a double agent.)

    I guess I can't see how these exercises are reliably going to be used for anything but PR/propaganda and disinformation. It's obvious that each government sees the other as a potential threat (why would they even be worried about all this if not?), so it would be mind-bogglingly stupid for either side to explain exactly how the attacks will be done, and how incoming attacks would be countered. It's on the same level of "stupid" as giving the enemy complete briefings on our troop dispositions and armaments. So, I imagine that all that's really going on is something like:

    USA: We attack your stuff.
    China: We defend against your attacks, then counterattack.
    USA: We defend against your attacks, then counterattack. ...
    [several million tax dollars later]
    USA: That was productive. We're friends, now, right?
    China: Of course, we are. Let's shake hands in front of the cameras. You'll lower your firewalls, now, right?
    USA: Not a chance. You?
    China: Dream on.

    Does anyone else see how obtuse this seems?

    • by Tweezak (871255)

      It seems from the original Guardian article that as much effort was put into analyzing threat response as was put into understanding the reasons behind that response. As much as we don't trust the Chinese we are learning that they also don't trust us. If we begin to understand what we do that makes them uneasy we may just be able to avoid triggering the events we fear most.

  • Could it be that the Chinese government realized that by encouraging cyber-hooliganism, they've made a huge rod for their own backs? Blind Freddy could've seen it coming.

    Anyway, anything which encourages the Chinese to start 'acting their age', can only be a good thing.

  • by synapse7 (1075571)
    This article is weak for the cyber drinking game with only 6 mentions of the word "cyber".
  • by cyberchondriac (456626) on Tuesday April 17, 2012 @05:54PM (#39716587) Journal

    China to US: All your base are belong to us!

All this wheeling and dealing around, why, it isn't for money, it's for fun. Money's just the way we keep score. -- Henry Tyroon

Working...