By MIKE MCCONNELL, MICHAEL CHERTOFF AND WILLIAM LYNN

Only three months ago, we would have violated U.S. secrecy laws by sharing what we write here—even though, as a former director of national intelligence, secretary of homeland security, and deputy secretary of defense, we have long known it to be true. The Chinese government has a national policy of economic espionage in cyberspace. In fact, the Chinese are the world's most active and persistent practitioners of cyber espionage today.

Evidence of China's economically devastating theft of proprietary technologies and other intellectual property from U.S. companies is growing. Only in October 2011 were details declassified in a report to Congress by the Office of the National Counterintelligence Executive. Each of us has been speaking publicly for years about the ability of cyber terrorists to cripple our critical infrastructure, including financial networks and the power grid. Now this report finally reveals what we couldn't say before: The threat of economic cyber espionage looms even more ominously.
McConnell, Chertoff and Lynn: China's Cyber Thievery Is National Policy—And Must Be Challenged – WSJ.com
SECURITY RESEARCH OUTFIT Alienvault has revealed that Chinese cyber criminals are using malware to hack smart cards used by the US Department of Defence (DoD).
The latest strain of the backdoor access Trojan called Sykipot is being used to gain remote access to protected resources. A spear phishing technique is used to persuade the target to open a pdf file that lets the malware loose. It then uses a basic keylogger to steal credentials of cards used in the reader.
When we think of China in relation to cyber warfare, we imagine an army of hackers hired by the government in a computer room ready to successfully attack any potential target. China is perceived as a cyber power and ready to march against any insurmountable obstacle using any means. In this connection we read everything and its opposite, and we are ready to blame all sorts of cyber threats on the Country of the Rising Sun. The truth, however, is quite different, at least in my opinion: the Chinese people understood before others the importance of strategic hegemony in cyberspace. However, many doubts are beginning to gather about the real technological capabilities of China.
It certainly has a high potential for cyber offensive but its quality is really arguable. China has the most extensive cyber-warfare capabilities. It began to implement an Information Warfare strategy in 1995, conducting a huge quantity of exercises in which computer viruses have been used to interrupt military and private communications. In 2000, China established a strategic Information Warfare unit, Net Force, which is responsible for “wage combat through computer networks to manipulate enemy information systems spanning spare parts deliveries to fire control and guidance systems.” Today the PLA GSD Third and Fourth Departments are considered to be the two largest players in China's burgeoning cyber-infrastructure. In November 2011, Desmond Ball, a professor in the Strategic and Defense Studies Centre at Australia’s National University, argued that the Chinese offensive capabilities today are pretty limited, and he also declared that the internal security has a bunch of vulnerabilities.
There are many reasons why cyber conflict is considered an awkward and destabilizing national security problem. One of the more overlooked is the gap between the technical elite and senior politicians and policymakers, a disconnect that could become tragic during fast-moving cyber conflicts. While this gap is shrinking in the United States, the United Kingdom, and Russia, it still is very significant elsewhere. China in particular needs to create better ways to connect their national security decision-makers with their technical incident responders – linking geeks and wonks – to help ensure technical incidents do not escalate out of political control.
In response to Richard Clarke’s article published in the Wall Street Journal, entitled ‘China’s Cyber assault On America,’ Jeffrey Carr, author of Inside Cyber Warfare: Mapping the Cyber Underworld, said on The Diplomat Blogs that the story is full of mistakes, logical inconsistencies and a serious lack of understanding of how targeted cyber attacks work at a granular level.
Carr criticized Clarke for trying to draw a parallel between the Obama administration’s protection of Libyan dissidents from Gaddafi and his lack of protection for US citizens from cyber attacks in China, when he obviously knows that although the president has authority over military actions as commander-in-chief, he doesn’t have any authority over US corporations.
From Clarke’s point of view: “cyber criminals don’t hack defence contractors — they go after banks and credit cards.” Carr takes issue with this too. Taking the Zeus and Hilary Kneber hacker crews as an example, he notes that they have been conducting cyber espionage attacks against government and military employees using the same malware that they use in financial crime since at least February 2010. Carr alone has been attacked by those same crews because of it, and he believes that it is the modus operandi of the Russian and Ukrainian governments.
It is a known fact that governments around the world have informal relationships with criminal hackers that allow them a safe harbour to conduct cybercrime as long as they also conduct cyber espionage or other types of cyber ops for their host government as needed. The Russian Federation has been known to conduct cyber espionage against foreign firms for years, and yet its name is almost never mentioned in conjunction with attacks from which it would clearly benefit.
Carr said he is not trying to defend China, as the country is vacuuming huge amounts of intellectual property and sensitive data from around the world, but this is also what many other countries have done. They all have the technical capability of crafting a targeted spear phishing letter and gaining access to valuable data.
He further indicates that anyone who says that only China is conducting these types of attacks couldn’t be more wrong, and that such views are harming, not helping, the cyber security posture of the United States.