12:30 PM

Cyber Strikes Like Nuclear Bombs, Says Chinese General

Chinese official calls for better Internet security, denies reports that China-affiliated attackers are targeting Western competitors.

Anonymous: 10 Things We Have Learned In 2013
Anonymous: 10 Things We Have Learned In 2013
(click image for larger view and for slideshow)
A leading Chinese military officer Monday warned that a failure of Internet security could have "damaging consequences" for all "big cyber countries."

"If the security of the Internet cannot be guaranteed, then ... results may be as serious as a nuclear bomb," said Gen. Fang Fenghui, chief of staff of the People's Liberation Army, in a joint press conference with his U.S. counterpart, Martin Dempsey, chairman of the Joint Chiefs of Staff, according to a statement released by the Joint Chiefs of Staff.

Dempsey is in China to conduct negotiations on a number of fronts, including cybersecurity, North Korea, terrorism and disaster relief -- in the wake of an earthquake Sunday in Sichuan Province that left an estimated 188 people dead and 11,500 injured, and for which the Chinese military has been leading the disaster response.

[ Is China behind hacks? Read China Denies U.S. Hacking Accusations: 6 Facts. ]

On the cybersecurity front, Fang during the press briefing denied reports that a Chinese military unit has been responsible for launching cyberespionage operations and advanced persistent threat attacks against Western competitors.

"None of these activities is tolerated here in China," he said, emphasizing that like the United States, China is itself a victim of online attacks, reported The Wall Street Journal. Furthermore, he noted the difficulty of accurately tracing back attacks to their true origin.

In an apparent first, however, the Chinese military official agreed to discuss the issue of cybersecurity in further high-level government talks. "Gen. Dempsey and I have already talked about the importance of maintaining cybersecurity," Fang said. "I believe it is important that we check out the idea that we should jointly work on this issue," he said.

Fang's remarks came the same day that Verizon released its annual Data Breach Investigations Report (DBIR). That report -- based on information provided by Verizon and the U.S. Computer Emergency Response Team, as well as other national CERTs, the U.S. Secret Service and law enforcement agencies in Europe -- counted 621 confirmed data breaches, 47,000 reported security incidents and 44 million compromised records in 2012.

"State-affiliated actors tied to China are the biggest mover in 2012," said the report. "Their efforts to steal IP [intellectual property] comprise about one-fifth of all breaches in this [2012] data set." The report noted that "a whopping 96% of espionage cases were attributed to threat actors in China."

"State espionage and IP theft is more prevalent than ever," said Jay Jacobs, a senior analyst for the RISK Team at Verizon, speaking by phone.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
User Rank: Apprentice
4/26/2013 | 10:01:13 PM
re: Cyber Strikes Like Nuclear Bombs, Says Chinese General
I am sorry, but there is simply no comparison here. Am I missing some sort of Cold War 2.0 hidden fear-mongering agenda here?

Cyber Attacks can not destroy "life" on earth. Likening Intellectual Property theft, and banking disruption to Nuke's is just wrong. This has to be one of the dumbest quotes / headlines I have seen in a while.
Lee Hu
Lee Hu,
User Rank: Apprentice
4/25/2013 | 11:57:49 AM
re: Cyber Strikes Like Nuclear Bombs, Says Chinese General
A Chinese military officer promoting Internet security is like Adolf Hitler promoting world peace. The Chinese government was warned over and over again since 2008...we tried to let them save face. But they wouldn't stop. Now, every major Internet security group in the world has identified the Chinese government as behind the espionage and all they have left to say is, "nuh uh."
Register for Dark Reading Newsletters
White Papers
Current Issue
Dark Reading Tech Digest September 7, 2015
Some security flaws go beyond simple app vulnerabilities. Have you checked for these?
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2015-10-09
The Telephony component in Apple OS X before 10.11, when the Continuity feature is enabled, allows local users to bypass intended telephone-call restrictions via unspecified vectors.

Published: 2015-10-09
The Safari Extensions implementation in Apple Safari before 9 does not require user confirmation before replacing an installed extension, which has unspecified impact and attack vectors.

Published: 2015-10-09
The API in the WebKit Plug-ins component in Apple Safari before 9 does not provide notification of an HTTP Redirection (aka 3xx) status code to a plugin, which allows remote attackers to bypass intended request restrictions via a crafted web site.

Published: 2015-10-09
The Intel Graphics Driver component in Apple OS X before 10.11 allows local users to gain privileges or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2015-5877.

Published: 2015-10-09
The Login Window component in Apple OS X before 10.11 does not ensure that the screen is locked at the intended time, which allows physically proximate attackers to obtain access by visiting an unattended workstation.

Dark Reading Radio
Archived Dark Reading Radio
What can the information security industry do to solve the IoT security problem? Learn more and join the conversation on the next episode of Dark Reading Radio.