China is known to be an active player in global cyber warfare and espionage. There has been an unbroken flow of reports on China's cyber activities since the discovery of Titan Rain in 2003. In a "Five-Year Plan" (2011-2015), published by the Chinese government and the People's Liberation Army (PLA), it is stated that China's cyber warfare doctrine is to focus on the research and development of cyber espionage and achieve global "electronic dominance" by 2050.
China's main objective, stated in this document, is to develop capabilities to be able to disrupt the information infrastructure of enemies, such as financial markets, military and civilian communications, and critical infrastructure. Attacks in cyberspace would be launched as a prelude to traditional military operations.
The ample documentation of attacks by China on Germany, India, the U.S. and the U.K. provides quite a bit of information about the methods and capabilities employed. It is evident to many military and security experts that many of the attacks were conducted under the direction of the PLA.
The U.S. Congress held a hearing in 2008 on the topic of "China's Proliferation Practices, and the Development of its Cyber and Space Warfare Capabilities." It was established that China has the capability to "scan, acquire nodes for their growing botnet as well as the continued sophisticated assaults on defense information systems."
In May 2011, China announced the creation of a "Blue Army" division - a cyber command unit of 30 initial members who were recruited from existing PLA soldiers, officers, college students and experts from the private sector.
Israel established its cyber warfare unit in 2010. It is part of the intelligence-collecting unit of the Israeli Defense Forces (IDF) and is thought to be focused mainly on defense - but it may also have some offensive capabilities.
The cyber command unit (a smaller division under the cyber warfare unit) was established in early 2011, and was modeled after the IDF commandos, as well. It is believed to have 80 members and has the ability to dispatch into target countries covertly to launch attacks inside enemy territory.
There are two notable instances of Israel's engagement in cyber warfare. The first was in 2007, when Israel shut down Syria's anti-aircraft radars to enable Israel's Air Force to fly undetected to destroy a suspected Syrian nuclear site. More recently, Israel is alleged to have a connection to Stuxnet, a highly sophisticated computer worm used to attack Iranian nuclear facilities.
The Iranian Revolutionary Guards Corps (IRGC) established its official cyber warfare division in 2010. It has an estimated budget of US$76 million and is believed to have personnel of around 2,400, with an additional 1,200 in reserve. The following are some examples of the capabilities it has in its arsenal: compromised counterfeit computer software, wireless data communication jammers, computer viruses and worms, cyber data collection exploitation, computer and network reconnaissance and embedded Trojan time bombs.
After the Stuxnet fiasco in 2011, Iran declared itself to be capable of countering any cyberattacks from abroad. It also issued a threat to the U.S. and Israel in August 2011 that, should the Iranian cyber army be provoked, Iran would combat these operations with its own "very strong" defensive.
According to a military officer who defected to North Korea in 2007, the DPRK has around 30,000 electronic warfare specialists under two electronic warfare brigades, and 600 of the personnel are specialized hackers. Many of these hackers are assigned to various units under the General Bureau of Reconnaissance (GBR). It is believed that an estimated 1,000 of these GBR specialists are based in China and other various locations.
In 2010, North Korea increased its efforts to establish and expand its cyber warfare capabilities. More resources and investments were allocated to its specialized, elite cyber warfare unit, Office 21. It is estimated that North Korea has around 3,000 personnel in its cyber warfare unit.
In 2011, Im Chae Ho, vice president of the KAIST Cyber Security Research Center, assessed the cyber capabilities of North Korea. He reported that the DPRK had 10 times the offensive abilities of South Korea, and that it is capable of directly attacking South Korea's infrastructure, financial system and nuclear power plant using cyberattacks.
United States Cyber Command (USCYBERCOM) was established in 2010, and General Keith Alexander was appointed to head it up.
As defined by the Department of Defense (DOD), the recently formed cyber command "plans, coordinates, integrates, synchronizes and conducts activities to: direct the operations and defense of specified Department of Defense information networks and; prepare to, and when directed, conduct full spectrum military cyberspace operations in order to enable actions in all domains, ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries."
USCYBERCOM is responsible for the DOD's network - the sites with .mil domain names. In an instance of enemy action in cyberspace, its jurisdiction can be extended, with an executive order, to the domain of federal civilian networks (the .gov domains), which are normally protected by the Department of Homeland Security (DHS).
With the Army Network Enterprise Technology Command (NETCOM), Army Intelligence and Security Command (INSCOM), 1st Information Operations Command (Land) and the 780th Military Intelligence Brigade as its main development hubs, USCYBERCOM has grown to 21,000 soldiers and contractors.
Pakistan and India have been entangled in a tit-for-tat of cyber warfare since 1988. The exchanges were mostly defacements of each other's websites until 2003, when the attacks escalated to the hacking of each other's government servers. Indian hackers attacked Pakistan's infrastructure in 2010, and Pakistan retaliated by launching similar attacks on Indian infrastructure.
Pakistan has no formal cyber command or cyber warfare unit. Activities are generally conducted by individual sections attached to government departments and by civilian hacker collectives. The Pakistan Cyber Army is one of the most prolific groups, notorious for launching attacks against India and, more recently, the Chinese government.
Russia has a long history of engagement in cyber warfare. One of the earliest incidents was perpetrated by Markus Hess, a German hacker, who attacked U.S. defense agencies in the late '80s. He was able to attack over 400 U.S. computers remotely from Germany. The cyber offensive on Estonia in 2007 was an eye-opener for the international community to Russia's cyber warfare capabilities. In 2008, Russia launched a large-scale attack on Radio Free Europe.
Founded in 2007, the 5th-Dimension Cyber Army is the official cyber unit of the Russian Federation. Offensive capabilities have been a main focus of the Russian cyber doctrine: the unit is intended to be a force multiplier for traditional military actions, deployed along with other forces to increase the effectiveness and power of those forces. Similar to the Chinese doctrine, Russia intends to develop capabilities to inflict disruption on the information infrastructure of its enemies. The goal is to disrupt the enemy's financial markets, military and civilian communications capabilities and critical infrastructure.