Attackers—the identity of the culprit or culprits is still unknown, though the Russian government was at one point suspected—bombarded Web sites run by the Estonian government with superfluous Web traffic, up to 1,000 times the normal amount passing through the country's Web servers. The attackers used Russian blogs to successfully enlist Russian citizens in the assault, even instructing average computer users on how to attack Estonian Web sites. The attacks included the use of botnets, networks of otherwise benign computers that are broken into and controlled remotely by an attacker. The cyber attacks against Estonia resembled more of a cyber riot by Web users than a singular act of espionage.
China's goals are more subtle but no less dangerous. Although the Chinese government has denied involvement in this latest round of attacks, government officials last year published a report entitled "China's National Defense in 2006" that states China is pursuing a three-step development strategy to modernize its national defense and armed forces that includes building "informationized armed forces" capable of winning "informationized wars" by 2050.
The potential for information warfare was a key component of the U.S. Department of Defense's report to Congress earlier this year analyzing China's military capabilities. China views the acquisition and effective distribution of data as crucial to its ability to optimize "materials, energy and information to form a combined fighting force" and to apply "effective means to weaken the enemy side's information superiority and lower the operational efficiency of enemy information equipment," the report says.
The report asserts that China's People's Liberation Army has established information warfare units to develop viruses to attack enemy computer systems and networks, as well as tactics and measures to protect friendly computer systems and networks. The report charges that China is already engaged in cyber theft and attack against the U.S. and other countries that it perceives as its enemies. "China continues a systematic effort to obtain from abroad through legal and illegal commercial transactions dual-use and military technologies," the report says. In fact, it notes, U.S. Immigration and Customs Enforcement (ICE) officials have rated China's "aggressive and wide-ranging espionage as the leading threat to U.S. technology."
"In the United States, we're particularly vulnerable because a lot of our communication infrastructure is owned by the private sector," says Jody Westby, chief executive of security consulting firm Global Cyber Risk and chair of the American Bar Association's Privacy and Computer Crime Committee. "In China and Russia, their infrastructure is in the hands of the government, it's easier for them to coordinate and protect those assets."
"For every breach you read about at least five more go unreported," says Jayson Street, the chief information security officer for Stratagem 1 Solutions, a provider of IT security services, and an information technology consultant to the FBI and U.S. Secret Service. "The new Cold War is between China and the Western world."