Published August 25, 2011
BEIJING – Chinese state TV broadcast footage of what experts on its armed forces say appears to be a military institute demonstrating software designed to attack websites in the US, The Wall Street Journal reported Thursday.
Although it could be a decade old or a mock-up, the 10-second segment -- part of a longer report on cybersecurity -- appears to be a rare example of an official source contradicting China's repeated assertions that it does not engage in cyberattacks, according to a report by two experts from the China SignPost analytical service, which specializes in military matters.
The slightest suggestion that the Chinese military attacked US websites is highly sensitive, especially since the Pentagon published a new cyberstrategy in July that laid the ground for the US to potentially respond with traditional military force to crippling cyberattacks from abroad.
That move followed a string of cyberattacks over the past few years on US targets including Google, Lockheed Martin and the Pentagon itself, which many US officials believe originated in China, though they have not so far offered evidence publicly to prove this.
China's Foreign and Defense Ministries did not respond to requests for comment Wednesday. Nor did China Central Television Channel 7, known as CCTV-7, where the footage was shown a month ago. In the past, China's government has repeatedly denied any involvement in cyberattacks and has said that China itself is one of the biggest victims of hacking.
The 10-second clip features Senior Col. Du Wenlong, a researcher at the Chinese army's Academy of Military Sciences, giving a detailed analysis of cybersecurity issues around the world.
At one point, as a narrator discusses various forms of cyberattack, a cursor is shown moving on a computer screen with a software application that is identified in Chinese characters as a "distributed denial-of-service" attack. Also known as DDOS, such attacks are relatively unsophisticated tools of cyberwarfare that involve bombarding websites with data to disable them.
The next screen says at the top, in Chinese, "Attack system. PLA Electronic Engineering Institute." PLA stands for People's Liberation Army.
Below, it asks the user to "Choose the attack target" from a drop-down list of websites related to the Falun Gong spiritual movement, which China's government banned in 1999 and which has been the object of a sustained crackdown ever since.
The cursor highlights one, called Minghui.org, and then clicks on a large button below saying "Attack."
The IP address given for the selected website -- which is currently unavailable in China but accessible in the US -- is 126.96.36.199 and is registered to the University of Alabama in Birmingham, according to at least two websites that trace IP addresses.
The report said that if the footage was real, it was probably a decade old, because of the rudimentary nature of the DDOS attack depicted, and because there was a spate of such attacks on Falun Gong targets 10 year ago.