Dillon Beresford, a security researcher with testing firm NSS Labs, said that it is a doddle to bring down China’s computer networks.
Beresford spends seven hours a day visiting the networks of China’s state and provincial governments, its army and the country’s top universities.
He said that while there is an image of China as a nearly invincible cyber powerhouse, the country has woeful cyber security practices at home that leave thousands of networks and databases vulnerable to trivial, remote attacks.
While the country conducts aggressive cyber offense abroad, it has a total lack of basic cyber defense at home. Classified and unclassified government networks are there for the taking.
If the Chinese are dumb enough to try a cyber arms race, the country will fold in seconds, he said.
China’s single-party system is actually to blame for some of the poor security practices.
They’re not using Western products or open source platforms, because they don’t trust them, but they don’t benefit from the whole community of people who are crawling over Western platforms and patching bugs and looking for holes.
In China, the government runs everything and there’s no clear policy for cyber security, and it’s hard to publicly come out and admit mistakes.
Beresford said that the media hype in the U.S. is all about cyber war and how the Chinese are kicking the US’s bottom.
However, if the Chinese realised how vulnerable they are to attack, they might tone down their aggressiveness.