China Rebuffs Detailed Report on Its US Hacking Escapades
An in-depth report on data thefts committed against U.S. companies by government-backed Chinese hackers has triggered a denial from a Foreign Ministry spokesperson, raising the cyberwar games to a new level. Instead of being relegated to cloak-and-dagger operations, cyberattacks -- or at least, cyberaccusations -- are now the subject of international posturing.
02/19/13 3:07 PM PT
Chinese Foreign Ministry spokesperson Hong Lei reportedly said at a briefing on Tuesday that China's military was not involved in any recent cyberhacking. His comments were apparently in response to allegations published by The New York Times on Monday, gleaned from a new report by Mandiant.
Among many other findings in the report is the existence of a 12-story white office tower in the outskirts of Shanghai, said to be used by the People's Liberation Army unit of cyberwarriors. Unlike the Pentagon in Washington, D.C., or the Kremlin in Moscow, where many of the Cold War-era strategies and tactics were likely directed, the building in Shanghai is nondescript. Yet it could be the command center of the "Comment Crew" or "Shanghai Group" -- the names given to the Chinese hackers.
The group is reportedly known by the more official sounding name "P.L.A. Unit 61398."
Cyberwarfare is just the latest theater of operations in the world of espionage, and as many a spy movie and potboiler novel suggests, it is common for governments to disavow and deny acts of espionage.
"This is something we knew was coming," said Alan Webber, industry analyst and managing partner at Altimeter Group. "Are the Chinese doing this? Yes, but so are a number of other countries. So are the Americans, so are the Israelis, so is France. This is not new."
"Anyone who has read Sun Tzu's The Art of War had to know this is how the Chinese would operate," Webber told TechNewsWorld.
Hackers from China -- including the Shanghai Group -- have systematically stolen hundreds of terabytes of data from at least 141 organizations and could have an extensive infrastructure of computer systems from around the world, according to the Mandiant report, which details numerous hack attacks on U.S. industries.
In light of the report's numerous details, Hong Lei's assertion that the allegations are baseless is hard to swallow, but this is more than just a tit-for-tat reaction.
"The Chinese are hacking us because they want something from us," said Martin C. Libicki, senior management scientist at the Rand Corporation.
"Everyone who can spy does spy. In the old days we used humans, and then we used signal interception," he told TechNewsWorld.
"What makes the Chinese unique is that they are spying on companies," Libicki added. "All may be fair in love and war, but it is not fair in international trade relations. If you steal trade secrets to level the playing field, that is not fair by international norms."
Cyberthreats are widely viewed as equivalent to physical attacks on the United States or its interests in terms of the damage that can be done.
"It is a concern for the government, and it should be a concern for business owners," said Irving Lachow, director of the program on technology and national security at the Center for a New American Security.
Threat to Innovation
What is at stake when the Chinese hack into American systems is more than just details on the distribution network of Coca- Cola or even access to a story in a newspaper before it runs.
There is a serious risk that intellectual property could be stolen, Lachow told TechNewsWorld. "This could cost billions of dollars to American companies, and it is a concern because it could cost tens of thousands of jobs."
The graver issue is that there apparently isn't much that can be done to stop it.
"The fact of the matter is that the federal government can't do a lot about this," said Altimeter's Webber.
"Businesses are the new cyberwarfare platforms. The government will try to do a lot, but there isn't a lot they can do," he maintained.
"It is a lot worse than what we're seeing," added Webber. "It is only going to get the attention it deserves when people realize how many millions and millions -- and even billions -- of dollars it costs us."
There is justifiable fear that virtual attacks on IP could translate into physical attacks and that little could be done to stop them. These could include attacks that shut down crucial systems and cause physical damage. However, that type of scenario is not likely to unfold anytime soon.
"It is possible to create a physical attack, but it takes a lot more work to do so than it would to wipe someone's hard drive," said Lachow.
There is also reason to worry that the attack strategies employed by China could proliferate to other nations or organizations. Russia and China are not likely to create the type of attack that could cause widespread damage -- either physical or virtual -- but there is concern that a rogue state such as North Korea might make the attempt.
"A terrorist attack of the banking system could mess up the economy," Lachow added. "That could do a lot of financial harm."
It is unclear how well the U.S. is prepared to address these types of attack if they should become more frequent -- or even whether the attacks are already more common than reports suggest.
"You have a bastardized organization that is hard to handle," said Lt. Gen. Clarence E. McKnight Jr. (Retired), former head of the Signal Corps and author of the book From Pigeons to Tweets.
"We are over organized; the data that gets flashed around the world is not well coordinated," he told TechNewsWorld.
"The Internet has too many entry points and makes us open to these attacks," McKnight added. "We are our own worst enemy in this case."
The number of attacks could in fact be worse than reported in part because it is hard to know when something has been stolen.
"There is the opinion that in this case there are two types of organizations," said Rand's Lebicki. "There are those that know they've been penetrated and those that don't know that they've been penetrated."