The world of cyberwarfare may be the
latest hall of mirrors in the relations among nation states. In the days of Cold War espionage – of agents
and double agents – our intelligence services were often never quite sure what
was true or what was false, what was a threat or what was simply intended as a
bluff.
So, too, in the new world of
cyberwarfare, where the Chinese government and People’s Liberation Army (PLA) may
or may not be systematically planning to bring down our computer networks in a
time of war; the hackers with Chinese addresses who have entered our systems may
or may not even be Chinese; and the thousands of daily attacks may or may not
have the potential for compromising or destroying the network capabilities of
our military and civilian infrastructure.
In its June 2008 issue, the National
Journal published a widely noted article by Shane Harris ("China's Cyber-Militia") strongly suggesting that the Chinese government or PLA may have
been responsible for the blackout that hit the Northeast United States in
2003, as well as a smaller blackout in Florida earlier this year.
Precisely because of all the unknowns,
the Chinese may have felt free to take a chance; but precisely because they
could not be sure what the U.S. might know or how it would react, it is unlikely
that they did. Right now, then – and
only right now, it should be emphasized – there may be less here than meets the
eye.
However serious the medium- and
long-term threat – and it is quite serious – some perspective is necessary in
assessing Chinese responsibility for the blackouts, as exaggeration and even
hysteria in the IT community may only ultimately undermine a sober response to
China’s capabilities and future designs in cyberwarfare.
As Harris reports, there’s no question
that the Chinese are already engaged in cyberespionage by breaking into
government and private computers in an effort – often successful – to harvest
our military and commercial secrets.
Their efforts took off during the Clinton Administration, during which
there was a series of Chinese spy scandals to which the Administration offered
only the most feeble response.
In fact, in a move that has entrenched
significant danger for years to come, the Clinton Administration – as part of a
misplaced gesture of trust toward the Chinese and Russians – ended efforts by
our military to protect command and control systems from electromagnetic shock
weapons. These weapons can bring down
systems and physically destroy them, the ultimate cyberwarfare nightmare.
The cyberspying that took off during
the Clinton years (despite an acknowledgement by the President of its
seriousness and a vow to stop it) continued at an increasing tempo and at a
more sophisticated level with the development and diffusion of computer
technology and the internet.
High profile incidents – especially
one involving the U.S. Secretary of Commerce, who had information on his laptop
electronically stripped during a visit this year to China – may finally have
alerted top business and government officials to the threat. President Bush
himself is now taking the issue more seriously, as are the federal bureaucracy
and private industry. In fact, cyberspying
is relatively easy to counter with off-the-shelf technology – or by something
as simple as not taking crucial information in laptops on trips abroad.
Even more significant than the spying are
Chinese efforts – likely going back to the Clinton Administration – to
penetrate systems with a view to shutting down or destroying economic or
military infrastructure. That, more than
cyberspying, could be a game-changer.
Clearly, China is developing these
capabilities. They have established a kind of cybermilitia, developed
techniques to attack enemy computer systems, and in all probability have at
least penetrated and mapped various of our computer systems in both the private
and public sectors.
But even while China has embraced asymmetrical
warfare in cyberspace as a way to even the odds with the U.S., the claims in the National Journal article are,
on their own terms, not entirely convincing as to any official Chinese role in the
blackouts.
The Journal article offers only one firm
assertion of Chinese government involvement in the 2003 blackout. According to Tim Bennett, former President of
the Cyber Security Industry Alliance, U.S. intelligence officials told him that
the PLA had gained access to the electric power systems network and that the
intrusion “may” have resulted in the blackout.
The official reports on the Northeast
blackout of 2003 blame a variety of factors, none involving a foreign power. And just a few weeks ago, despite another
claim by Bennett (corroborated only by an anonymous expert who cited other
“sources with direct knowledge of the investigation”) that computer hacking was
involved, possibly of Chinese government origin, the official report on the
Florida blackout essentially ruled out cybersecurity breaches.
Conspiracy buffs may allege a cover-up,
but it’s unlikely that what could be construed as acts of war could be kept entirely
under wraps. There hasn’t been the hint of
an authoritative word of an official Chinese role in either instance, while
Paul Kurtz, special assistant to the President on critical infrastructure at
the time of the 2003 blackout, has recently flatly denied the claim.
While the PLA is developing the
capacity for cyberwarfare, that is a far cry from prompting serious electrical blackouts
that would engender a terrific risk for China and at the very least could only
have seriously damaged Sino-American relations – and toward what end?
Computer ownership is difficult to
verify; others, including foreigners, could have remotely used Chinese
government computers; and the hackers may simply have been individuals angry at
the West over Tibet or another perceived grievance. The skills employed in
hacking our systems have been used for years by individuals for financial gain
or out of simple maliciousness.
At the same time, there is no way of knowing
to what extent our infrastructure is even prone to the kind of degradation
suggested by the National Journal
article. Certainly defenses against physical
disruption that outlast the attack are available in the form of redundant
systems, firewalls and protective software, as well as private networks. If systems crash, they can usually be brought
up quickly without lasting damage, as happened in Georgia in early August and also
in Lithuania last year.
Crucially, and as China is likely
aware, its own systems may be more exposed than ours given its increasing
reliance on computers and its interest in electromagnetic dominance, which
among other responses has prompted the establishment of a U.S. Air Force cyber
command that will make use of the same kind of hackers China seems to be
employing.
Any confrontations between militaries
across the 130 kilometers of the Taiwan Strait, for example, will be heavily
dependent on electrons in command and control of military operations and
weapons systems – and the PLA would face an American military now systematically
engaged in cyberwarfare exercises and with access to the technology of the country
that leads the world in IT.
The totality of circumstances, then, makes
the recent blackout scenarios suggested by the National Journal improbable; more
appearance than reality. But as with anything seriously threatening national
security, especially given the knowns and especially the unknowns of
cyberwarfare, vigilance is required as much as exaggeration is to be avoided.
Even if China has not already brought
down our systems, its capabilities present an increasing and profound peril in
a military and civilian world now totally dependent on computers, and we need
to ensure that the events suggested by the National
Journal do not become a nightmarish reality that allows our adversaries a
crucial advantage in any confrontation.