WASHINGTON - China is "the most threatening actor in cyberspace" as its intelligence agencies and hackers use increasingly sophisticated techniques to gain access to U.S. military computers and defense contractors, according to the draft of an annual report mandated by Congress.
Chinese hackers are moving into "increasingly advanced types of operations or operations against specialized targets," such as sensors and apertures on deployed U.S. military platforms, according to the report.
"China's persistence, combined with notable advancements in exploitation activities over the past year, poses growing challenges to information systems and their users," the U.S.- China Economic and Security Review Commission said in the draft obtained by Bloomberg News. "Chinese penetrations of defense systems threaten the U.S. military's readiness and ability to operate."
The commission's draft report bolsters warnings by U.S. officials that cyberattacks pose growing risks to the military and to critical industries such as electric utilities, pipelines and telecommunications. Defense Secretary Leon Panetta cited Chinese and Russian capabilities in an Oct. 11 speech, saying cyber threats could become as devastating as the Sept. 11, 2001, terrorist attacks.
Most cyber activity in China during the past year "relied on basic and straightforward techniques," such as "zero-day" attacks that exploit a software vulnerability for which victims have no immediate fix or patch and the use of stolen digital certificates to make malware appear legitimate, according to the draft.
"Irrespective of the sophistication, the volume of exploitation attempts yielded enough successful breaches to make China the most threatening actor in cyberspace," according to the draft.
Most Chinese intrusions against U.S. government and military systems appear intended to collect intelligence or technology rather than launch attacks, the commission said.
Created by Congress in 2000, the bipartisan commission has reported on China's economic and military rise, usually in critical assessments accompanied by recommendations for counter-actions.