* US supply chain could be penetrated by China - report
* Risk of "catastrophic failure" of US networks cited
* Congress weighing cybersecurity bills
By Jim Wolf
WASHINGTON, March 8 Chinese cyberwarfare
would pose a "genuine risk" to the U.S. military in a conflict,
for instance over Taiwan or disputes in the South China Sea,
according to a report prepared for the U.S. Congress.
Operations against computer networks have become fundamental
to Beijing's military and national development strategies over
the past decade, said the 136-page analysis by Northrop Grumman
Corp released on Thursday by the U.S.-China Economic and
Security Review Commission.
Chinese commercial firms, bolstered by foreign partners, are
giving the military access to cutting-edge research and
technology, the analysis said.
The Chinese military's close ties to large Chinese
telecommunications firms create a path for state-sponsored
penetrations of supply networks for electronics used by the U.S.
military, government and private industry, it added.
That has the potential to cause a "catastrophic failure of
systems and networks supporting critical infrastructure for
national security or public safety," according to the report.
On the military side, "Chinese capabilities in computer
network operations have advanced sufficiently to pose genuine
risk to U.S. military operations in the event of a conflict,"
the report said.
A senior U.S. defense official took issue with that
"No one should think that Chinese cyber capabilities can
seriously impede U.S. military operations, said the official,
who asked not to be named pending the Pentagon's formulation of
its official response.
"We're cognizant of those capabilities, of course, and are
working on ways to add to the tools we already have to respond
to them if necessary," he said.
A spokesman for the Chinese embassy in Washington did not
immediately respond to a request for comment.
Beijing in the past has complained about what it called
unfair vilification by the 12-member bipartisan commission,
which was set up by Congress in 2000 to investigate
national-security implications of U.S. trade with China, the
world's second-largest economy.
Computer network operations, as defined by the report,
include attack and defense as well as network "exploitation,"
for instance for intelligence collection.
China is "fully engaged in leveraging all available
resources to create a diverse, technically advanced ability to
operate in cyberspace," and computer network operations are
being broadly applied to assist with long-term national
development, the report said.
It did not delve into reciprocal U.S. military efforts to
gain an edge in cyberspace, which the Pentagon now defines as a
potential battle zone like air, sea, space and land.
The keyboard-launched tools that China could use in a crisis
over Taiwan or in the South China Sea could delay or degrade a
potential U.S. military response, partly because of "the
vagaries of international law and policy surrounding
nation-state responses to apparent network attack," the report
Northrop Grumman's report is a follow-up to one it did for
the commission in 2009. That analysis said Beijing appeared to
be conducting "a long-term, sophisticated, computer network
exploitation campaign" against the U.S. government and its
Since then, official U.S. concern has grown over alleged
Chinese espionage via computer penetrations. In October, the
Office of the National Counterintelligence Executive, a U.S.
intelligence arm, said in a declassified report to Congress that
"Chinese actors are the world's most active and persistent
perpetrators of economic espionage."
Commission Chairman Dennis Shea voiced hope in a statement
that the new report would help the Congress in its current
deliberations over cybersecurity legislation to protect U.S.