Hacker claims breach of Chinese defense contractor

Lol apparently anonymous are moving against chinese websites as well..

BBC News - Chinese websites 'defaced in Anonymous attack'

Personally I don't think it is an issue at the moment but hopefully will be a wake up call for the government/military to invest more into cyber defense rather than only cyber "offense" which we've heard so much about in the media.
Although their call for a collapse of the regime makes me facepalm rather strongly.

These people act like this is new. Like hackers in the West had a hands-off policy for China until now? Like Western governments aren't sponsoring hacking into Chinese systems. All it is is an excuse to do what they've always been doing but trying to make it look like China was the one that started it.

^ True, but anonymous have shown themselves to be relatively organized and quite capable in the past. Possibly the only reason they constitute an annoyance is that there is no one to hold accountable, unless China organizes some sort of counter hacking force to ID and seek culprits and expose them to whatever laws could be brought down.

Of course defacing a few websites is a bit more than a stone's throw away from trying to bring down an entire country LOL

Some of the anons were arrested or identified recently. Probably given an ultimatum: work for the CIA, or go to jail. Now the CIA can get some free hackers with plausible deniability (as long as they publicly post some of the supposed loot). Win win for them I guess.
I'm sure Chinese "cyber command" is aware of these obvious links and are working on appropriate counter action.

Well CEIEC primarily handles weapon systems exports so the hackers don't really have to hack to get the weapon's details, they can try easier routes, say, I don't know, maybe subscribing to a catalog?

Originally Posted by RedMercury

Some of the anons were arrested or identified recently. Probably given an ultimatum: work for the CIA, or go to jail. Now the CIA can get some free hackers with plausible deniability (as long as they publicly post some of the supposed loot). Win win for them I guess.
I'm sure Chinese "cyber command" is aware of these obvious links and are working on appropriate counter action.

Exactly man, I was trying to bring out that we have had news post at world news thread that the top anons boss being rat for the CIA for months before the organization was publicly raided and arrested. And now the supposed "in custody" cyber crime orginization stands out for the greater good and try to bring down the evil red China?

I consider this a troll to people's IQ, by you-know-who's deniability.

Counterattack on China in cyber-space

The high-profile intrusion into the e-mail server of China Electronics Import & Export Corporation by "Hardcore Charlie" may mark the coming out party for America's own band of patriotic hackers.

Documents obtained through the hack were posted on file-sharing sites. For the most part, they are a bewildering grab bag of seemingly inconsequential documents. One folder contains regulations concerning the privatization of public universities in Vietnam; another reveals the monthly salary of an English teacher working for Ivanhoe Copper in Myanmar.

Then there are the somewhat more disturbing documents: pages and pages of spreadsheets and US military Acrobat files detailing the recent movements of the quaintly-named "jingle trucks" operated by local companies delivering supplies to the network of US facilities inside Afghanistan. The documents are not marked secret, and the US government has apparently still not taken steps to remove them from the file-sharing services a week after they were posted.

In a web statement, Hardcore Charlie justified his hack with the assertion that China was passing sensitive information to America's enemies, including the Taliban. In a pastiche of English, Spanish, obscenities and racist references, he stated:

Hola comradezz, Today us prezenta recently owneed chino military kontraktor CEIEC Us be shoked porque their shiiit was packed with goodiez cummin froma USA Military brigadezz in Afghanistan, them lulz hablando mucho puneta sam slit eyed dudz in Vietnam and Philiez doing bizness in Ukraine and Russia selling goodiez to Taliban terrorists.

CEIEC, for its part, issued a denial equally deficient in grammatical polish, stating:

CEIEC solemnly declares as below:
The information reported is totally groundless, highly subjective and defamatory. It is believed that rumors stop at wiser.

CEIEC reserves the right to take legal action against the relevant responsible individuals and institutions. [1]

Observers noted the apparent incongruity of CEIEC asserting it had not been hacked ... but reserving the right to take legal action.

The Chinese version is somewhat less incoherent, but only slightly. It appears that CEIEC may be trying to say that it is taking issue with the allegations - for instance, that CEIEC is passing on the information to bad guys in Ukraine, Syria, Russia and the Taliban - while skating past the question of whether it was actually hacked. [2]

CEIEC is described as a "defense contractor" in foreign coverage. However, this may be overstating the case somewhat. CEIEC is one of the ancient import/export corporations set up under the Ministry of Foreign Trade 30 years ago. It did a booming business when international trade was a monopoly of the government import/export corporations, and still benefits from its government ties in handling foreign aid projects and administering international tenders.

At the same time, it has successfully reinvented itself as a prime contractor on overseas projects and, in terms of gross revenue, is one of China's bigger companies.

CEIEC is not an industrial enterprise with its own manufacturing capability. It has targeted the defense electronics sector, as an integrator and prime contractor, apparently hoping to supply systems to China's allies overseas. Whatever it has on its servers, it is probably not the crown jewels of China's defense establishment.

But the question of how the minutiae of US military truck transport in Afghanistan ended up on CEIEC's servers remains a mystery. The CEIEC case does highlight a remarkable trend in international hacking - the appearance of non-government auxiliaries in cyber-war battles.

China is notorious for its interest in cyber-war as an asymmetric counter to the conventional military superiority of the United States ... and for its apparent willingness to farm out, encourage, or benefit from private hacker initiatives.

On 2010, Mara Hvistendahl wrote in Foreign Policy:

[T]he hacking scene in China probably looks more like a few intelligence officers overseeing a jumble of talented - and sometimes unruly - patriotic hackers. Since the 1990s, China has had an intelligence program targeting foreign technology, says James A Lewis, senior fellow for cyber-security and Internet policy at the Center for Strategic and International Studies. Beyond that, however, things get complicated. "The hacking scene can be chaotic," he says. "There are many actors, some directed by the government and others tolerated by it. These actors can include civilian agencies, companies, and individuals." [3]

Patriotic hackers in China are called "hong ke" or "red guest", a pun on the phonetic rendering "hei ke" or "black guest" for hacker.

Their patriotic cyber-duties included destroying the online presence of South Korean boy band Super Junior after an unruly and undignified crowd of Chinese fans clamored to hear the band at the Shanghai World Expo and embarrassed Chinese nationalists. [4]

They also weigh in on foreign issues of greater moment, mixing it up with their Japanese counterparts when Sino-Japanese passions are inflamed by visits to the Yasukuni Shrine or the collision between a Chinese fishing boat and Japanese coast guard vessel off Diaoyutai/Senkaku in 2011.

But their major utility to the Chinese government may be their ability to generate chaff - a barrage of cyber-attacks to distract and overwhelm US security specialists trying to cope with China's pervasive, professional program of industrial and military espionage - and give the People's Republic of China (PRC) government deniability when hacking is traced to a Chinese source.

Chinese industrial cyber-espionage has emerged as a dominant near-term security concern of the United States.

The Barack Obama administration went public with its case against China in November 2011, with a report on industrial espionage titled Foreign Economic Collection. It described China rather generously as a "Persistent Collector" given the PRC's implication in several high-profile industrial espionage cases and soft-pedaled the issue of official Chinese government involvement. The report stated:

US corporations and cyber-security specialists also have reported an onslaught of computer network intrusions originating from Internet Protocol (IP) addresses in China, which private sector specialists call "advanced persistent threats." Some of these reports have alleged a Chinese corporate or government sponsor of the activity, but the IC [intelligence community] has not been able to attribute many of these private sector data breaches to a state sponsor. Attribution is especially difficult when the event occurs weeks or months before the victims request IC or law enforcement help. [5]

A month later, in December 2011, US criticism of China became a lot more pointed. Business Week published an exhaustive report on Chinese cyber-espionage, clearly prepared with the cooperation of federal law enforcement authorities as it named and described several investigations:

The hackers are part of a massive espionage ring codenamed Byzantine Foothold by US investigators, according to a person familiar with efforts to track the group. They specialize in infiltrating networks using phishing e-mails laden with spyware, often passing on the task of exfiltrating data to others.

Segmented tasking among various groups and sophisticated support infrastructure are among the tactics intelligence officials have revealed to Congress to show the hacking is centrally coordinated, the person said. US investigators estimate Byzantine Foothold is made up of anywhere from several dozen hackers to more than one hundred, said the person, who declined to be identified because the matter is secret. [6]

United States security boffin Richard Clarke had this to say about Chinese cyber-espionage in an interview with Smithsonian magazine:

"I'm about to say something that people think is an exaggeration, but I think the evidence is pretty strong," he tells me. "Every major company in the United States has already been penetrated by China."

"What?"

"The British government actually said [something similar] about their own country."

Clarke claims, for instance, that the manufacturer of the F-35, our next-generation fighter bomber, has been penetrated and F-35 details stolen. And don't get him started on our supply chain of chips, routers and hardware we import from Chinese and other foreign suppliers and what may be implanted in them-"logic bombs," trapdoors and "Trojan horses," all ready to be activated on command so we won't know what hit us. Or what's already hitting us. [7]

Some big numbers are being thrown around to publicize the Chinese threat.

Business Week's report, while admitting the woolliness of its methodology, stated that losses to American companies from international cyber-espionage amounted to US$500 billion in a single year.

Scott Borg, director of a non-profit outfit called the US Cyber Consequences Unit told Business Week:

"We're talking about stealing entire industries ... This may be the biggest transfer of wealth in a short period of time that the world has ever seen."

Beyond these apocalyptic economic and military scenarios, we might also descend to the personal and political and point out that Google, a favorite target of Chinese cyber-attacks, is Obama's friend, indispensable ally, brain trust and source of personnel in the high-tech sector.

Connect the dots, and it is clear that the Obama administration, in its usual meticulous way, is escalating the rhetoric and preparing the public and the behind-the-scenes groundwork for major pushback against China in the cyber-arena.

Beyond moves in the legal arena such as the aggressive prosecution of the DuPont industrial espionage case - alleging that China orchestrated a program to steal DuPont's titanium dioxide technology - it is interesting to speculate what other moves the Obama administration might make.

The United States is undoubtedly already doing its best to penetrate China's government, military and scientific networks.

How could the US escalate, especially in the industrial and commercial sphere, where the US mindset is that everything worthwhile the Chinese have was stolen from us, so what's worth stealing back?

Maybe the answer is cyber-harassment, turning a blind eye - or actively egging on - non-government hackers to embarrass, inconvenience, humiliate and perhaps even destabilize the Chinese regime.

Consider this April 4 report by Emil Prodalinski at ZDNet on an explosion in hacking against China since a Twitter account was launched on March 30:

The hacktivist group Anonymous now has a Chinese branch. An Anonymous China Twitter account was created late last month ... Boy have they been busy. Hundreds of Chinese government, company, and other general websites have been hacked and defaced in the span of a few days. A couple have also had their administrator accounts, phone numbers, and e-mail addresses posted publicly. On the hacked sites, the group even posted tips for how to circumvent the Great Firewall of China.

A long Pastebin post lists all the websites that were targeted. It contains 327 websites in total, but an updated list, also on Pastebin, brings that number to 485. Most of these websites are operational once again, but many have been defaced a second time after they were brought back. Not all of them were hacked and defaced; some were treated with more viciousness than others. [8]

Prodalinski subsequently wrote that the attacks had not abated and China, in an interesting case of public relations jiu jitsu, was using the campaign as evidence that it was one of the world's many victims of cyber-misbehavior (and, by implication, not a major perpetrator):

While Anonymous was not specifically mentioned, it's obvious what China's Ministry of Foreign Affairs was referring to during a briefing on Thursday, given the events during the last week. "First of all, China's Internet is open to all, users enjoy total freedom online. China has gained 500 million netizens and 300 million bloggers in a very short period of time, which shows the attraction and openness of China's Internet," spokesman Hong Lei said in a statement, according to CNN. "Secondly, the Chinese government manages the Internet according to law and regulations. Thirdly, certain reports prove again that China is a victim of Internet hacker attacks." [9]

It will be interesting to see how sympathetic the Obama administration will be if the Chinese government begins squealing to it about this outbreak of anti-PRC hacking.

The current Anonymous hacks have been of remarkably unimpressive and uninteresting Chinese sites - like the Taoyuan Bureau of Land and Resources. One can wonder if escalation to more tempting, juicier and more sensational targets is in the future. [10]

My speculation is that the campaign of cyber-attacks against Chinese targets was seeded by the US government, but has gathered its own momentum and is drawing in freelance foreign and some Chinese hackers searching for lulz - the hacker term for giggles or detached/callous amusement.

Let us now return to the perpetrator of the most spectacular hack to date - Hardcore Charlie - and if his postings reveal anything about his motivations.

Hardcore Charlie's web persona displays a military bent. His web alias derives from a death card (a specially printed playing card with an intimidating message sometimes placed on an enemy corpse by US servicemen) associated with the US Army's 101st Airborne Division: "Compliments of Hardcore Charlie - 3rd BN 502 Infantry - When you care enough to send the very best - AIR ASSAULT." [11]

Hardcore Charlie's postings also quote lyrics on a military theme, from "Marines" by the German thrash metal band Sodom. He recommends reading the files to the accompaniment of a Youtube videomontage of Francis Ford Coppola's Vietnam epic film Apocalypse Now, using Sodom's "Napalm in the Morning" as the soundtrack.

But perhaps there's something more going on here than pro-military pro-freedom enthusiasm. Sodom is an avowedly anti-war band that toured Vietnam, even though it was denied permission to play there, so it could learn more about the war and its aftermath.

Two more bumpers in the postings quote KMFDM, German industrial rockers (and, unfortunately sometimes a favorite band of alienated and murderous high-schoolers such as Eric Harris, the Columbine shooter) with what one could characterize as a vigorous anti-American government stance.

From KMFDM's anti-George W Bush anthem "Stars and Stripes" (whose video includes a Bush/Hitler juxtaposition) , Hardcore Charlie pulled the quote: ... Cut back civil rights / Make no mistake / Tell 'em homeland security is now at stake / Whip up a frenzy / keep 'em suspended / Don't let 'em know that their liberty's ended ... [12]

From another KMFDM song, New American Century, another quote: ... LOVE THY NEIGHBOR TURN HIM IN.. its called PATRIOTISM ...

Interesting, especially when one considers how Hardcore Charlie, in apparently his only media availability, with Reuters, was described: The hacker, who uses the name Hardcore Charlie and said he was a friend of Hector Xavier Monsegur, the leader-turned- informant of the activist hacking group, LulzSec ... [13]

Rewind to March 2012: Key members of the hacking collective known as LulzSec were arrested Tuesday morning, a move authorities are calling "devastating to the organization". According to an exclusive report by Foxnews.com LulzSec's alleged ringleader, Hector Xavier Monsegur of New York City, helped authorities with the arrest. [14]

As for LulzSec, it was an ad hoc hacker collective spun off from Anonymous (the same grouping bedeviling China under the Anonymous China hashtag) by Monsegur. Its sensational 50-day career in 2011 was described by PC Magazine:

May 7 - Lulz Security [claims] to have gotten ahold of a database of contestants from the Fox TV show X Factor. Lulzsec follows up a few days later with more sales and internal data gleaned from Fox.com.

May 30 - After hacks of Sony in Japan and a British ATM database, Lulzsec scores its first big publicity coup by posting a fake story on the PBS website, which claimed that Tupac Shakur was alive and well in New Zealand.

June 2 - Lulzsec posts personal data for more than a million users from a handful of Sony websites, …

June 3 - The "Lulz Boat" sets a course for the government, targeting security organizations that work with the FBI and other agencies …

June 13-20 - Lulzsec appears to be hitting its stride, with a busy week hacking into the US. Senate's website, stealing the account information of more than 200,000 users from video game maker Bethesda, claiming to have temporarily brought down the CIA's website, and going after more security agencies in the US. and UK.

June 23 - In protest of Arizona's controversial anti-immigration law, Lulzsec posts internal documents and information from the state's Department of Public Security. [15]

Lulzsec closed shop at the end of June 2011, when an asset in England was arrested. It appears that was not enough to elude the bloodhounds of the Federal Bureau of Investigation or forestall Monsegur's betrayal of his associates.

Careful readers may find their interest piqued by the fact that Fox News, which got the exclusive on the arrests in 2012, were the first hacked in 2011.

Pattern-oriented readers might consider whether the sudden eruption of Lulzsec resembles the cyber flashmob that is currently swarming Chinese sites.

Contrarian readers might find it interesting that the focus of hacking seems to have done a 180-degree turn away from American government, security and corporate targets to tormenting their Chinese equivalents (despite the limited lulz obtainable when hacking a site whose language one does not understand).

Curious readers might also wonder if information from Monsegur has helped the authorities get "Hardcore Charlie" in their sights and he is hacking into Chinese websites either at their behest to help get the Anonymous China ball rolling or is pre-emptively demonstrating his utility and eagerness to please.

In any case, the cat's out of the bag.

The order of battle in the cyber-armies of China and the United States has been completed by the arrival of the volunteer militias to serve next to the professionals.

Well I think this is all part of a much larger game, where the Chinese and Americans are drawing battle lines and establishing rules of engagement over cyber warfare.

The two sides are already meeting discretely to try and work out a common set of rules, and you can see a much more aggressive attitude from the west as it tries to gain as much leverage as possible to use as bargaining chips to help them set the rules to best represent their own interests.

Or that is the over story at least.

But if you read between the lines in this article, you can easily see that China is far ahead in this game, and that was gotten the Americans desperately worried. The American cyber warfare departments see the reason for that gap is because that for the average American, cyber warfare seems such an abstract and dislocated concept that the general American public simply does not respond to the fear mongering as much as hype about WMD or terrorist attacks.

So what better way for American cyber warfare departments to boost their profile, budget and influence than a massive foreign backed attack that causes major disruption/damage to American civilian infrastructure? And who better to launch that attack than the favourate American bogeyman of China?

The articles above already pretty much spelt out American intent to 'get tough' on China and laying the groundwork to launch 'preemptive' cyber strikes. No prizes for guessing who is most likely to be on the receiving end of those 'self defense' attacks.

But the main goal is not to disable or dissuade Chinese cyber activities, the true aim is to provoke a Chinese push back, that the cyber agencies could then point to and use as evidence of Chinese hostility and the need for a bottomless pit of money for themselves and their industrial supporters.

And notice the conditioning already being applied in all western media outlets whereby all Chinese hacking are universally implied as the work of Chinese intelligence agencies, whereas the same authors are going out of their way to paint the picture that all western hacking is done by individuals and have never suggested a single instance of western intelligence agencies launching cyber attacks against China.

Even in cases where it is virtually certain that cyber attacks have been carried out by western intelligence agencies such as the case with the various worms that has plagued Iran's nuclear programme (and actually caused physical damage and casualties by causing centrifuges to spin out of control and explode - the very definition Americans are now suggesting as the equivalent of declaring war in real life), the western media has gone out of it's way to stress how the links to western intelligence agencies is only implied. But they have no problem with all but stating as fact that the Chinese intelligence agencies are launching attacks with far less/compelling evidence.

It is ironic that the articles harp on about China 'preparing the battlefield', when their very only articles are far more tangible steps to preparing the battlefield for a western cyber offensive on China by painting a picture of Chinese aggression in cyberspace with no clear evidence that the Chinese intelligence agencies are responsible for any cyber attacks at all.

In the west, facts seldom get in the way of common misconceptions, and these articles are the first steps towards building those misconceptions.

This is incredibly interesting, but I just could not ignore this.

"Lulz" is a "hacker term" now! .

My speculation is that the campaign of cyber-attacks against Chinese targets was seeded by the US government, but has gathered its own momentum and is drawing in freelance foreign and some Chinese hackers searching for lulz - the hacker term for giggles or detached/callous amusement.

The hackers governments need to look out for don't announce the fact that they've got into the network. They stealthily go in, grab what they want, and leaves.

I think it's all a lot of bull. Not that hackers aren't attempting to do whatever to China. Chinese hackers are joining with their Western counterparts? That's probably bull. Since Chinese hacker have a reputation of being good by the West's own alarmist media, the egotistical motivation notorious of Western hackers wouldn't allow them to cooperate. Look at Wikileak's Julian Assange. He had to plea to Chinese hackers, when the Western media reported they were creating their own version of Wikileaks against the Chinese government, not to create they own Wikileaks and give all the information they hack to him because he's the only one responsible enough to vet such information. What an ego! And Julian Assange probably believed that propaganda from the media. It reminds me of several Olympics ago, a book came out exposing the world of US women's gymnastics as a brutal environment and was getting publicity on the news. Then when the Olympics came around during that time, the media was using things described verbatim from the book and saying that's how the Chinese treat their gymnastics team like that was foreign and it doesn't happen in the US. Where's this Chinese Wikileaks? Maybe the Chinese secret police stopped it? But a Western hacker can hack at will in China? It's just the typical MO to make it sound there's discontent in China's own population and they follow the West. Just like with the attempt to start a Jasmine revolution in China to which if it doesn't happen they can claim it was stifled by the efficient Chinese secret police. Which in turn Western hackers can boast they're skilled enough to evade the mighty Chinese Cyber Army and hack into Chinese secret files. Which in turn the media can advertise it as a win for the West. Again, I'm not saying Western hackers aren't trying to break into China. They've always been doing that but like the Western intelligence agenices, they can't get past the language to read and know if they have anything significant.

Understanding China’s Cyber Policy

Joseph Nye has an interesting article in the Winter 2011 issue of Strategic Studies Quarterly that applies some of the lessons of the nuclear age to cybersecurity. It’s well worth the read, and I thought I might try the same, using what we know about the study of Chinese technology policy to shed some light on China and cyber.

Linking cyber and technology policy is a form of techno nationalism that’s widely and deeply held by Chinese policymakers. The objectives are clear: China doesn’t want to depend on other countries for critical technologies, the United States and Japan in particular. The 2006 Medium to Long Term Plan on Science and Technology (MLP) puts it plainly: “Facts have proved that, in areas critical to the national economy and security, core technologies cannot be purchased.” The Chinese tend to see the current system as, if not unfair, then stacked against them, and so commentaries often focus on competitors’ unfair advantages (U.S. firms dominate hardware and software sectors, 10 of the 13 root servers in U.S.) and China’s victimization (China is the biggest victim of cybercrime).

With both cyber and technology, outside observers have a tendency to overstate how driven by the center China really is. Yes, the MLP sets the goal of China becoming an “innovative nation” by 2020 and a “global scientific power” by 2050. Not surprising given Chinese history and national security concerns. But the document is of two minds about how to move up the value chain, including both a top-down, big-science and technology policy, as well as a bottom-up, entrepreneurial innovation strategy. In cyber, we tend to see China pursuing a coherent cyber strategy that involves pushing an Information Security Code of Conduct at the United Nations, the use of patriotic hackers, information war, and tight Internet control. Chinese analysts see the opposite, complaining that the U.S. – with the standing up of Cyber Command and promotion of the Internet Freedom agenda – has put China on the defensive and that Beijing is falling behind in cyberspace.

There’s also a question of how strategically China can implement. The world of technology policy is one of sectoral and regional differentiation, with industries and provinces interpreting national regulations to serve their own interests. Ministries, universities, and government research institutes behave similarly, and Chinese firms often identify more with their Western competitors than with their local bureaucratic partners. It’s hard to imagine that the Ministry of Public Security, Ministry of State Security, PLA, and Ministry of Industry and Information Technology play any nicer together in the sand box of cyber policy.

The prolific rate of cyber espionage – what Cyber Command head General Alexander called “the greatest transfer of wealth in history” – raises questions of China’s absorptive capacity. With technology imports, Chinese firms historically spent much less than Japanese and Korean companies did for diffusion and absorption. What is China doing with all of the IPR it’s allegedly stealing, and shouldn’t we start to see it paying off in more competitive Chinese firms? Not much public evidence exists that it’s helping Chinese companies move up the value chain (most evidence in the public domain is old-fashioned theft, see DuPont, Motorola, and American Semiconductor).

Finally, technology policy may tell us something about what might work for cyber, although progress, especially in protecting intellectual property rights, has been glacially slow and uneven. The issue must be raised at the highest level, including by the President and Vice President, something that it’s not clear has happened yet. Multilateral pressure should also be applied. China backed down from the compulsory introduction of WAPI, an alternative to WiFi, after the U.S. government, supported by Japan and the EU, threatened to take a case to the WTO.

Given the current state of the U.S.-China relationship in cyber, glacially slow and uneven might be an improvement.

Interesting how a lot this publicized anger towards China about cyber warfare comes out during this period of cyber wargames.

US and China engage in cyber war games | Technology | guardian.co.uk

US and China engage in cyber war games

Exclusive: US and Chinese officials take part in war games in bid to prevent military escalation from cyber attacks


Nick Hopkins

guardian.co.uk, Monday 16 April 2012 08.00 EDT



The Air Force Space Command Network Operations and Security Centre in Colorado. Photograph: Rick Wilking/Reuters


The US and China have been discreetly engaging in "war games" amid rising anger in Washington over the scale and audacity of Beijing-co-ordinated cyber attacks on western governments and big business, the Guardian has learned.

State department and Pentagon officials, along with their Chinese counterparts, were involved in two war games last year that were designed to help prevent a sudden military escalation between the sides if either felt they were being targeted. Another session is planned for May.

Though the exercises have given the US a chance to vent its frustration at what appears to be state-sponsored espionage and theft on an industrial scale, China has been belligerent.

"China has come to the conclusion that the power relationship has changed, and it has changed in a way that favours them," said Jim Lewis, a senior fellow and director at the Centre for Strategic and International Studies (CSIS) thinktank in Washington.

"The PLA [People's Liberation Army] is very hostile. They see the US as a target. They feel they have justification for their actions. They think the US is in decline."

The war games have been organised through the CSIS and a Beijing thinktank, the China Institute of Contemporary International Relations. This has allowed government officials, and those from the US intelligence agencies, to have contact in a less formal environment.

Known as "Track 1.5" diplomacy, it is the closest governments can get in conflict management without full-blown talks.

"We co-ordinate the war games with the state department and department of defence," said Lewis, who brokered the meetings, which took place in Beijing last June, and in Washington in December.

"The officials start out as observers and become participants … it is very much the same on the Chinese side. Because it is organised between two thinktanks they can speak more freely."

During the first exercise, both sides had to describe what they would do if they were attacked by a sophisticated computer virus, such as Stuxnet, which disabled centrifuges in Iran's nuclear programme. In the second, they had to describe their reaction if the attack was known to have been launched from the other side.

"The two war games have been quite amazing," said Lewis. "The first one went well, the second one not so well.

"The Chinese are very astute. They send knowledgeable people. We want to find ways to change their behaviour … [but] they can justify what they are doing. Their attitude is, they have experienced imperialism and they had a century of humiliation."

Lewis said the Chinese have a "sense that they have been treated unfairly".

"The Chinese have a deep distrust of the US. They are concerned about US military capabilities. They tend to think we have a grand strategy to preserve US hegemony and they see a direct challenge.

"The [Chinese officials] who favour co-operation are not as strong as the people who favour conflict."

The need for the meetings has been underlined in recent months as the US and the UK have tried to increase pressure on China, which they regard as chiefly responsible for the theft of billions of dollars of plans and intellectual property from defence manufacturers, government departments, and private companies at the heart of America's national infrastructure.

Analysts say this amounts to "preparation of the battlefield", and both the UK and the US have warned Beijing to expect retaliation if it continues.

In recent months, the US has made clear it is turning its military focus away from Europe towards the Pacific to protect American interests in the region.

"Of the countries actively involved in cyber espionage, China is the only one likely to be a military competitor to the US," Lewis said.

"US and Chinese forces are in close proximity and there are hostile incidents … The odds of miscalculation are high, so we are trying to get a clear understanding of each side's position."

Lewis believes the US is preparing to become more aggressive towards China, saying President Barack Obama has already tasked internal working groups in the White House to consider tougher sanctions.

Without naming China, a senior executive in the FBI told the Guardian the threats posed from cyber attacks were alarming.

"We know that the capabilities of foreign states are substantial and we know the type of information that they are targeting," said Shawn Henry, executive assistant director of the FBI's cyber unit.

"We have seen adversaries that have been in networks for many months or even years in some cases, undetected. They have essentially had free rein over those networks … They have complete ability to disrupt that network entirely."

Frank Cilluffo, who was George Bush's special assistant on homeland security, said the time had come to confront China.

"We need to talk about offensive capabilities to deter bad actors. You cannot expect companies to defend against foreign intelligence services. There are certain things we should do if someone is doing the cyber equivalent of intelligence preparation of the battlefield of our energy infrastructure.

"To me that's off grounds. That demands a response. What other incentive could there be to map our infrastructure in the event of a crisis?

"We have a stronger hand in conventional military and diplomatic means. We need to show them our cards. All instruments on the table. I think we do have to start talking active defence."

He said the US had to be proactive or, in time, people would start losing confidence in the integrity of the internet and computer systems.

"If I don't invest because I am afraid, if I don't use the web because I am afraid, if you lose trust and confidence in those systems, the bad guys have won. Checkmate."

The state department refused to speak about the war games, or say which officials took part.

A spokesman said: "The United States is committed to engaging countries to build a global environment in which all states recognise and adhere to norms of acceptable behaviour in cyberspace. We are engaging broadly with the Chinese government on cyber issues so that we can find common ground on these issues which have increasing importance in our bilateral relationship."

The Pentagon declined to comment or say which of its officials took part in the war games.

China has consistently denied being responsible for cyber attacks on the US and other western countries. It says it is also the victim of this kind of espionage.

The Chinese defence minister, Liang Guanglie, has said Beijing "stands firmly against all kinds of cyber crimes".

"It is hard to attribute the real source of attacks and we need to work together to make sure that this security problem won't be a problem," he said.

"Actually in China we also suffered quite a wide range [of], and frequent, cyber attacks. The Chinese government attaches importance also on cyber security and stands firmly against all kinds of cyber crimes. It is important for everyone to obey or follow laws and regulations in terms of cyber security."

The People's Daily, the Chinese newspaper that most reflects the views of China's ruling Communist party, said last year that linking China to internet hacking attacks was irresponsible.

"As the number of hacking attacks on prominent international businesses and organisations has grown this year, some western media have repeatedly depicted China as the villain behind the scenes."