Take a large and growing pool of programming talent and other technical skills. Stir in a public mood of obstreperous nationalism, and add a rather isolated, authoritarian government with at best a very shaky sense of the rule of law. Heat with ample funding, and the resulting brew turns into a potent cyber-threat.
Which is why a report mandated by Congress describes China as "the most threatening actor in cyberspace." Chinese hackers, often working hand-in-hand with China's intelligence agencies and military, are making a concerted effort to penetrate US military networks. Business and industrial networks are also targeted in an espionage effort aimed at obtaining both strategic and industrial intelligence.
China's cyber-espionage efforts are characterized by both growing sophistication and sheer volume. According to the draft report, "irrespective of the sophistication, the volume of exploitation attempts yielded enough successful breaches to make China the most threatening actor in cyberspace."
One striking example of the level of Chinese activity: Global cyber-attack traffic, usually about 15 percent of all Internet traffic, plunged by more than half on China's National Day holiday.
Most of the individual attacks traced to China remain relatively simple. Methods ranged from "zero-day" attacks exploiting previously unknown (and therefore unpatched) vulnerabilities to the use of stolen certificates to make malware appear legitimate.
Chinese penetrations of US military networks are generally aimed at intelligence-gathering rather than attacks in the narrow sense (such as bringing down systems). But the report notes that the techniques used "could switch to become distructive or disruptive." And the intelligence-gathering efforts divert resources because "they reportedly require weeks to investigate."
