As U.S. diplomats yesterday rushed to the site in China where a U.S. Navy spy plane was forced to make an emergency landing, intelligence and security analysts warned of fallout from China gaining access to sensitive computers aboard the aircraft and a Cold War-like face-off that has spilled onto the Internet.

Three U.S. diplomats arrived yesterday on China's Hainan Island, located in the South China Sea between the Chinese mainland and the Philippines, to secure the release of 24 U.S. military personnel who were aboard the EP-3E Aries II spy plane. The aircraft, which was likely monitoring Chinese missile deployments, was forced to make an emergency landing Sunday after a Chinese fighter jet collided with it in international airspace and damaged part of the plane's wing and engine.

However, the Chinese government has denied U.S. officials access to the crew and the aircraft, leading to a major escalation of tensions between the two countries. Also complicating matters is the lack of knowledge about the plane and the highly sensitive electronic equipment that it carried.

The EP-3E is a sophisticated surveillance aircraft outfitted with state-of-the-art computers, cryptological equipment and sensors that are designed to monitor military communications deep within a country's borders. According to intelligence experts, even the slightest compromise of the plane's computers and equipment will likely help China further refine its information warfare capabilities.

"Even the most trivial information they pick up will be something they didn't know before," said Steven Aftergood, an intelligence analyst at the Federation of American Scientists, a public policy think tank. "A lot depends on how thoroughly the crew was able to implement the dismantlement and destruction procedures," he said.

According to military and intelligence experts, the crew of the plane probably had plenty of time to conduct emergency destruction procedures on all of the aircraft's most sensitive computers and digital media, including hard drives and cryptographic keys. Such actions are called for as part of the crew's standard operating procedures during such emergencies.

"The information on paper, media or [in] people's heads is indeed the most important thing," said Allen Thomson, a former CIA scientist. And although the physical equipment is probably the least sensitive aspect of the aircraft, "one hopes that rapid sterilization is one of the design requirements for equipment that operates under the danger of capture," said Thomson. "Beyond that, yes, undoubtedly the Chinese will get a better feel for what we can collect, how we do it and how they can improve their own capabilities and countermeasures."

A former Navy intelligence official said cryptographic keys, databases that maintain U.S. intelligence information on Chinese systems, and classified computer codes are of far greater value to the Chinese than the hardware systems alone. However, electricity is required to degauss, or erase, crypto systems and other hard drives. Damage to the aircraft could have hampered the crew's ability to take such actions, the official said.

Meanwhile, as the Bush administration continues to fault the Chinese for not releasing the crrew and the aircraft sooner, Chinese citizens have taken to the Internet to express outrage at what they consider meddling by the U.S. military in the region. As a result, security experts in the U.S. are warning that China's Internet-enabled public outcry could eventually lead to hacker attacks against U.S. Internet sites.

As of 9 a.m. (EDT) today, the well-known Chinese Web site china.com carried only a few stories about the incident on its English-language pages. Its Chinese language page, however, offered 25 stories, most of which called for revenge for the breach of China's territory and supported putting the U.S. military personnel on trial, according to a report released today by Vigilinx Inc., a New York-based security firm.

"Once the protesters have received news from the various Chinese information sources, and after they have their passions stirred up at the rallying points, the cybermob will take to the streets," the report states. A similar pattern of events occurred in May 1999 after the accidental bombing of the Chinese embassy in Belgrade, according to the Vigilinx report.

The Chinese are winning the first phase of this protracted information warfare campaign by exploiting the propaganda and inflammatory value of the incident, said Michael Assante, vice president of intelligence for Vigilinx and a former Navy intelligence officer. "It is being used effectively to focus the Chinese Internet community's resources on an anti-American campaign," he said. "Offshoots of that could include hacker attacks, Web site defacements and denial-of-service attacks against U.S. government and business entities."

Computerworld

• Email
• Print
• Share
  • Slashdot
  • Digg
  • Stumble
  • Reddit
  • Newsvine