Friday, January 22, 2010 - 8:57 PM
With all the chatter about China’s hacking
of Google and Secretary of State Hillary Clinton’s drive
to deliver “consequences” to bad actors in cyberspace, it’s worth noting
that the problem of cyber attacks either promulgated or supported by the
Chinese government is far from new.
In a previous life, your Cable
guy broke a story that revealed senior military officials believe the Chinese
government is supporting hackers that attack “anything
and everything” in the U.S. national security infrastructure on a constant
basis. And while it’s difficult to prove guilt, the scale, organization, and
intent of the attacks lead experts and officials alike to one sponsor: the Chinese
government.
The Defense Department has said that the Chinese government,
in addition to employing thousands of its own hackers, manages massive teams of
experts from academia and industry in “cyber
militias” that act in Chinese national interests with unclear amounts of
support and direction from China’s People’s Liberation Army (PLA).
According to SANS Institute research director Alan Paller, “The problem is 1,000
times worse than what we see.” But the tip of the iceberg is still large. Here
are some of the most damaging attacks on the U.S. government that have been
attributed to Chinese government sponsorship or endorsement over the past few
years:
1) Titan Rain
In 2004, an analyst named Shawn Carpenter at Sandia National Laboratories traced
the origins of a massive cyber espionage ring back to a team of government-sponsored
researchers in Guangdong Province in China. The hackers, code-named by
the FBI “Titan Rain,” stole massive amounts of information from military labs,
NASA, the World Bank, and others. Rather than being rewarded, Carpenter was
fired and investigated after revealing his findings to the FBI, because hacking
foreign computers is illegal under U.S. law. He later sued and was awarded more
than $3 million. The FBI renamed Titan Rain and classified the new name. The
group is still assumed to be operating.
2) State Department’s East Asia Bureau
In July 2006, the State Department admitted it
had become a victim of cyber hacking after an official in “East Asia”
accidentally opened an email he shouldn’t have. The attackers worked their way
around the system, breaking into computers at U.S. embassies all over the
region and then eventually penetrating systems in Washington as well.
3) Offices of Rep. Frank Wolf
Wolf has been one of the most outspoken lawmakers on Chinese
human rights issues, so it was of little surprise when he
announced that in August 2006 his office computers had been
compromised and that he suspected the Chinese government. Wolf also reported that similar attacks had
compromised the systems of several other congressmen and the office of the
House Foreign Affairs Committee.
4) Commerce Department
The Commerce Department’s Bureau of Industry and Security had
to throw away all of its computers in October 2006, paralyzing the bureau
for more than a month due to targeted attacks originating from China. BIS is
where export licenses for technology items to countries like China are issued.
5) Naval War College
In December 2006, the Naval War College in Rhode Island had
to take all of its computer systems offline for weeks following a major
cyber attack. One professor at the school told his students that the Chinese
had brought down the system. The Naval War College is where much military
strategy against China is developed.
6) Commerce Secretary Carlos Gutierrez and the 2003 blackout?
A National Journal
article revealed
that spying software meant to clandestinely steal personal data was found on
the devices of then Commerce Secretary Carlos
Gutierrez and several other officials following a trade mission to China in
December 2007. That same article reported that intelligence officials traced
the causes of the massive 2003 northeast blackout back to the PLA, but some
analysts question the connection.
7) McCain and Obama presidential campaigns
That’s right, both the campaigns of then Senators Barack Obama and John McCain were
completely invaded by cyber spies in August 2008. The Secret Service forced
all campaign senior staff to replace their Blackberries and laptops. The
hackers were looking for policy data as a way to predict the positions of the
future winner. Senior campaign staffers have acknowledged that the Chinese
government contacted one campaign and referred to information that could only
have been gained from the theft.
8) Office of Sen. Bill Nelson, D-FL
At a March 2009 hearing, Nelson revealed
that his office computers had been hacked three separate times and his aide
confirmed that the attacks had been traced back to China. The targets of the
attacks were Nelson’s foreign-policy aide, his legislative director, and a
former NASA advisor.
9) Ghostnet
In March, 2009, researchers in Toronto concluded a 10-month
investigation that revealed a massive cyber espionage ring they called Ghostnet that had penetrated more
than 1,200 systems in 103 countries. The victims were foreign embassies, NGOs,
news media institutions, foreign affairs ministries, and international
organizations. Almost all Tibet-related organizations had been compromised,
including the offices of the Dalai Lama. The attacks used Chinese malware and
came from Beijing.
10) Lockheed Martin’s F-35 program
In April, 2009, the Wall
Street Journal reported
that China was suspected of being behind a major theft of data from Lockheed
Martin’s F-35 fighter program, the most advanced airplane ever designed.
Multiple infiltrations of the F-35 program apparently went on for years.
Until the United States, along with other victims of Chinese cyber-aggression, come out publicly and LOUDLY complain about such practices while backing it up with actions that punish this behavior, the PRC will happily continue to use this tactic with abandon for political, economic, and military gains.
Why is it called "data theft" when China does this
and only espionage when western countries do the same thing?
This whole cyber attack does not in any way surprise me.
I use a simple hardware firewall, which generates a log of attacks (Land Attacks, Port Scans etc...) I have found rather regular port scans originating in/from China. The interesting thing is, when I report these attacks to the F.B.I. I get NO RESPONSE...
The real issue is not the non-response or the port scans, but the fact that the "hackers" can acquire valid I.P.s. and completely bypass the computer they scan. I am not a computer programmer, security person, but I do understand enough about computer systems, networks, I-net etc...to see the way these things can be done. In other words, give a proficient hacker the I.P. and there would be virtually no protection...and WE ALL HAVE AN I.P. address.
As per complaining about or to the Chinese ...FORGET IT...these people live in an entirely different reality...and couldn't care less about what WE AS AMERICANS say, or for that matter what anyone in the world would say.
The comments regarding H. Clinton's comments about these attacks on GOOGLE are typical...to paraphrase: "...it will cause problems with Chinese, American relations..." Give me a break...What are we to do...bend over for these criminals?...
There is NO point in ever confronting them. Try to find a way to only activate the connection at the server level, do not leave the connection active as D.S.L systems (24-7)...I see this as the only potential way to prevent access to individual or network computers.
Enough said.
The problem is that cyberattacks are hard to classify in terms of a 'justified response'. Military skirmishes, missile launches, political statements, territorial invasions, aid, we've gotten a kind of understanding across the world about how to handle those incidents. Computers on the other hand, are a difficult question. Is hacking a military network worth a protest from an ambassador? Is it worth risking agreements on how to deal with a regional security crisis?
Historically, of course, our descendants will be able to look back and say "Those idiots. If they had known to be firmer with China/more open with China..." but here and now we really don't have that kind of information. I also note that we have no idea what kind of successes or failures the U.S military and intelligence services may have had in hacking Chinese computers, so we can't say for sure who's better right now.
This attack could reasonably bring up several questions; therefore Google may want to take this chance to discuss some extra information on data defense and assure us, the end users, that they will be introducing extra security actions to help ensure the safety of their clients' data.
You left out the Pentagon attacks.
The successful attack against the US Pentagon email servers is the most egregious cyber attack from China recorded to date. From a DarkReading article at the time:
According to a report in today's Financial Times, Pentagon officials are now acknowledging that the People's Liberation Army launched "the most successful cyber attack ever" on U.S. defense systems less than two months ago.
That was from September 2007. http://www.darkreading.com/security/perimeter/showArticle.jhtml?articleID=208803659
Carpenter's experience only proves that everything is upside down. Here is a patriotic AMERICAN who reports that the attack came from China, so he gets fired and investigated. Who says the inmates are NOT running the asylum?
I SENT SOMETHING EARLIER. WAS NOT WORKING.
Why shouldn't it count as an act of war?
We should call the bluff. They need us more than we need them.
Um, don't we owe them, like, TRILLIONS of dollars? To paraphrase an old comic, "This is another fine mess we've gotten ourselves into." Otherwise, I would say it's time to STOP doing business with China - imports and exports - period.
The Chinese have very impressive technology that allows them to intercept emails, prevent you from reading blogs and facebook and they can even place a virus on your computer. How do I know this? It happened to me during my visit in September '09. In fact, my anti-virus software still blocks it from rearing its ugly head. This is the only virus my computer has ever received. Don't be fooled into thinking America is the only country with great technology, if anything we are far behind.
"One professor at the school told his students that the Chinese had brought down the system."
"he announced that in August 2006 that his office computers had been compromised and that he suspected the Chinese government."
This counts in your top 10 list? The threat is big enough without you having to exaggerate it.