How focused are the Chinese cyber attacks ?
“What fascinates me about the exploits of officially sanctioned Chinese cyber attacks is how limited they are.”
How focused are the Chinese cyber attacks?
Perhaps the more accurate statement should read, “how FOCUSED they are”.
Chinese cyber espionage efforts are actually quite broad. From critical infrastructure, to the Defense Industrial Base, to university R&D efforts, the PLA has placed massive resources into pursuing focused cyber espionage/Computer Network Exploitation (CNE) of virtually every industry in the country. Sadly, much of the evidence is either classified or what would be termed “circumstantial” in American legalese, but taken as a whole, the signs all point to massive state support from China.
Can the U.S. claim the moral high ground? No, but U.S. CNE efforts abroad are limited to the intelligence/military community, and valuable discoveries not shared with U.S. businesses to further commercial interests. The Chinese cannot make a similar claim. Well, they can, but not honestly.
In the article for The Week, Marc Ambinder says:
(…) What fascinates me about the exploits of officially sanctioned Chinese cyber attacks is how limited they are. The Times found that the hackers were interested in and only interested in what the Times would say about the Wen family. “Experts found no evidence that the intruders used the passwords to seek information that was not related to the Wen family.” Read that again. Based on what our government tells us, we think the Chinese government’s hacking efforts are indiscriminate. But they’re not. The net is sometimes wide, but the hackers seem to play by their own peculiar set of rules. If a person has information that pertains to the security environment as perceived by the Chinese government, then they’re fair game for computer network attack.
The United States plays by these informal rules too. Our NSA has probably broken into the email accounts of journalists and human rights activists in other countries. The lawyers who supervise these covert operations probably make sure to place limitations on what our cyber-spies are able to gather and collect, all in the name of limiting both the footprint of the attack and the self-inspection that comes with snooping on anyone’s email.
Chinese cyber espionage is scary. It’s also not surprising. The U.S. cannot easily claim the moral high ground.
According to The New York Times:
SAN FRANCISCO — For the last four months, Chinese hackers have persistently attacked The New York Times, infiltrating its computer systems and getting passwords for its reporters and other employees.
After surreptitiously tracking the intruders to study their movements and help erect better defenses to block them, The Times and computer security experts have expelled the attackers and kept them from breaking back in.
The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings.
Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing. (excerpt of the nytimes article By NICOLE PERLROTH)
“We have to begin making it clear to the Chinese – they’re not the only people hacking us or attempting to hack us – that the United States is going to have to take action to protect not only our government’s, but our private sector, from this kind of illegal intrusions. There’s a lot that we are working on that will be deployed in the event that we don’t get some kind of international effort under way,” she said.
The Wall Street Journal on Thursday said that its computer systems, too, had been breached by China-based hackers in an effort to monitor the newspaper’s coverage of China issues.
The White House declined to comment on whether it will pursue aggressive action on China.
Before moving on the The talk, we would like to recall Ben Parr’s article for Mashabe on Jan 14, 2010:
The entire world has been talking about Google’s decision to not censor its China search engine after it became the victim of Chinese cyber attack. And while we’ve talked a great deal about its global implications and the censorship in China, we haven’t talked a lot aboutexactly how Chinese hackers actually broke through Google’s security measures.
A recently published analysis by antivirus/computer security firm McAffee seems to have some of the answers.
They have launched an investigation into the attack that has turned up some interesting results, including the likely codename of the operation as well as a key vulnerability in Microsoft’s Internet Explorer that may have helped the hackers succeed.
The attack targeted a few key individuals to install malware and rip open a hole through security via Internet Explorer. McAffee made sure to note that the IE flaw was just one way the hackers infiltrated the networks of Google and 20+ other companies.
The hackers knew who they wanted to target and what they wanted and used vulnerabilities never before known to do it. The nature of the attack likely played a big role in Google’s decision.
The talk about it goes likes this (selection) :
- New Jersey
- Bob Sallamack
- New Jersey
Americans need to wake up and understand that the internet is not a computer system but a communication system.
Imagine World War II in America where those of other nations could take over control of the American communication system of telephones and telegraphs during World War II. No one in government could use these communication systems in the United States during World War II. The military would have to use runners and carrier pigeons simply to contact those on military bases in the United States.
- Boston Scrod
How many of the compromised computers at the Times were running Linux or Mac OS X? My best guess is zero but I would be happy to be proven wrong.
Assuming, however, that I am right, the failure to address this point is probably but another example of giving cover to the fundamentally insoluble vulnerabilities unique to Microsoft’s operating systems. At the very least, the nature of the systems affected should be a leading point in the story, something made clear in the first or second paragraph.
Our nation is totally dependent upon the internet communication system of the United States but the United States has no ability to regulate or protect that system. Everything is simply left to private companies. Americans will scream it is an infringement on their rights if the government becomes involved.
- Piri Halasz
- New York NY
This has nothing to do with communism — China is simply acting like any captalist industrialist who wants to spy on the competition. They’re just better at it than most industrial spies in the US.
Interesting to note that all this work was done and yet no “sensitive” information was compromised? How many folks really believe that whopper? No hacker would penetrate a target system to that level and not access sensitive data.
So the Times itself was hacked, its computer systems infiltrated, and its data stolen. The Times is to be complimented on its forthright and informative reporting on the episode.
But I also hope the Times learns a lesson from this: anyone can be hacked. Perhaps the tone of your future reporting on security breaches that take place at other institutions can be a bit more understanding and less self-righteous than your articles have sometimes been in the past. Newspapers that publish from glass houses should be careful about how forcefully they throw stones at others.
Also, a bit more detail on what happened would be useful, so that others can learn. Did all the computer systems involved run Windows, or were Linux and/or Macintosh systems also affected?
- Dr. Arthur Frederick Ide
- Radcliffe IA
Hacking is never a victimless crime. It discourages researchers, writers, publishers, schools, and others from presenting information that hackers think should be in the public domain–never counting the time, energy, investigation and coorination of their works. Hackers bring down governments that they feel do not represent their special interest, but government brought down are representative of the very people the hackers claim the hackers represent. All hackers should be tried and when found guilty given the longest term possible in a prison without comforts.
To see The New York Times video follow the link below:
But China and America have a long story as we already mentioned a tiny part previously in the article “China has overtaken America Again: Patents and Liberty“.