Category Archives: Cyber Intelligence

Cyber-Spies Intercepted Sensitive Files, Emails From Nortel: Report – Security – News & Reviews – eWeek.com

Attackers breached Nortel and had free rein to spy on its internal network and communications from 2000 to 2009, according to an internal report. As usual, China is the prime suspect.

Chinese hackers allegedly breached telecommunications company Nortel in 2000 and these cyber-spies gained access to reams of sensitive technical documents, as well as internal communications and email, for nearly 10 years, according to a report in The Wall Street Journal.

The attackers, suspected of being based in China, breached the network using stolen credentials and installed spying software deep within the company’s networking environment to gain access to all documents and communications, the Journal reported Feb. 14. The breach appears to date as far back as 2000, Brian Shields, the former senior advisor for systems security at Nortel who led the internal investigation, told the paper.

via Cyber-Spies Intercepted Sensitive Files, Emails From Nortel: Report – Security – News & Reviews – eWeek.com.

McConnell, Chertoff and Lynn: China's Cyber Thievery Is National Policy—And Must Be Challenged – WSJ.com

By MIKE MCCONNELL, MICHAEL CHERTOFF AND WILLIAM LYNN

Only three months ago, we would have violated U.S. secrecy laws by sharing what we write here—even though, as a former director of national intelligence, secretary of homeland security, and deputy secretary of defense, we have long known it to be true. The Chinese government has a national policy of economic espionage in cyberspace. In fact, the Chinese are the world's most active and persistent practitioners of cyber espionage today.

Evidence of China's economically devastating theft of proprietary technologies and other intellectual property from U.S. companies is growing. Only in October 2011 were details declassified in a report to Congress by the Office of the National Counterintelligence Executive. Each of us has been speaking publicly for years about the ability of cyber terrorists to cripple our critical infrastructure, including financial networks and the power grid. Now this report finally reveals what we couldn't say before: The threat of economic cyber espionage looms even more ominously.

via McConnell, Chertoff and Lynn: China's Cyber Thievery Is National Policy—And Must Be Challenged – WSJ.com.


US lawmaker slams China for cyber spying – Forbes.com

WASHINGTON — The chairman of the House Intelligence Committee has accused China of waging an unprecedented campaign of cyber espionage aimed at stealing some of the most important U.S. industrial secrets.

Chairman Mike Rogers, a Michigan Republican, says that Chinese efforts to steal U.S. technology via the Internet have reached what he called an “intolerable level,” and has called on the United States and its allies to pressure Beijing to stop.

via US lawmaker slams China for cyber spying – Forbes.com.


Ex-GM Engineer Arrested for Trying to Sell Hybrid Secrets to China

Many have heard of knockoff Chinese electronics clones of popular American products — from the iPod to laptop computers. The largely underreported story is the role intellectual property theft plays in the creation of these products. Often Chinese engineers directly steal designs which are used to produce cheap clones.

That issue has been brought under the microscope with the arrest of Shanshan Du, 51, and her husband, Yu Qin, 49, for attempting to steal hybrid trade secrets and sell them to China according to the Detroit News.

The bizarre story begins in 2000 when Du obtained a job working at General Motors.  Soon she became involved with hybrid vehicle efforts, and from 2003 to 2005 she collected thousands of pages of design documents and a wealth of computer files.  When she left GM in 2005, she focused on trying to sell the information on behalf of her Michigan startup Millennium Technology International, MTI, which she and her husband founded in 2000.

via DailyTech – Ex-GM Engineer Arrested for Trying to Sell Hybrid Secrets to China.


Former Boeing Engineer Charged with Economic Espionage in Theft of Space Shuttle Secrets for China

WASHINGTON, D.C. — A former Boeing engineer was arrested this morning after being indicted last week on charges of economic espionage and acting as an unregistered foreign agent of the People’s Republic of China (PRC), for whom the engineer stole Boeing trade secrets related to several aerospace programs, including the Space Shuttle.

Dongfan “Greg” Chung, 72, of Orange, Calif., who was employed by Rockwell International from 1973 until its defense and space unit was acquired by Boeing in 1996, was arrested without incident at his residence by special agents with the Federal Bureau of Investigation and investigators with NASA. Chung, who is expected to make his initial court appearance here this afternoon, was named in an indictment returned last Wednesday by a federal grand jury.

The indictment accuses Chung of eight counts of economic espionage, one count of conspiracy to commit economic espionage, one count of acting as an unregistered foreign agent without prior notification to the Attorney General, one count of obstruction of justice, and three counts of making false statements to FBI investigators.

“Certain foreign governments are committed to obtaining the American trade secrets that can advance the development of their military capabilities. Today’s case demonstrates that the Justice Department is equally committed to foiling those efforts through the arrest and prosecution of those who conduct economic espionage at the expense of our economic and national security,” said Assistant Attorney General for National Security, Kenneth L. Wainstein.

Chung, a native of China who is a naturalized United States citizen, held a Secret security clearance when he worked at Rockwell and Boeing on the Space Shuttle program. He retired from the company in 2002, but the next year he returned to Boeing as a contractor, a position he held until September 2006. The indictment alleges that he took and concealed Boeing trade secrets relating to the Space Shuttle, the C-17 military transport aircraft and the Delta IV rocket. Chung allegedly obtained the materials for the benefit of the PRC.

United States Attorney Thomas P. O’Brien stated: “Mr. Chung is accused of stealing restricted technology that had been developed over many years by engineers who were sworn to protect their work product because it represented trade secrets. Disclosure of this information to outside entities like the PRC would compromise our national security.”

via #08-106: 02-11-08 Former Boeing Engineer Charged with Economic Espionage in Theft of Space Shuttle Secrets for China.


Glass Dragon: China’s Cyber Offense Obscures Woeful Defense | threatpost

Contrary to the image of China as a nearly invincible cyber powerhouse, Beresford says in an interview with Threatpost Editor Paul Roberts that the fast-growing nation suffers from woeful cyber security practices at home that leave, literally, thousands of networks and databases vulnerable to even trivial, remote attacks. Beresford, who publicized holes in domestic Chinese SCADA systems in September 2010, said the country's aggressive cyber offense abroad is in stark contrast to an almost total lack of basic cyber defense at home that has left both classified and unclassified government networks vulnerable to attack and compromise.

Dillon Beresford, a security researcher

via Glass Dragon: China’s Cyber Offense Obscures Woeful Defense | threatpost.


Hackers attack South Korean sites; up to 35 mln users affected | Reuters

(Reuters) – South Korea's communications regulator said Thursday hackers from China had attacked an Internet portal and blogging site operated by SK Comms, accessing the personal information of up to 35 million users in what could be the country's biggest cyber attack so far.

The incident follows a series of hacking incidents at South Korean financial firms in recent months, exposing the vulnerabilities of networks in the world’s most wired country.

The Korea Communications Commission said in a statement that hacking attacks Thursday morning targeted personal information including phone numbers, e-mail addresses, names and coded data of users of the Nate portal and Cyworld blogging sites, both operated by SK Comms.

Police are investigating the case and have yet to request the assistance of the Chinese authorities, an official at the commission said.

Accusations against China over hacking incidents have mounted in recent months, with allegations it intruded into the networks of Lockheed Martin and other U.S. military contractors and tried to gain access to the Google email accounts of U.S. officials and Chinese human rights advocates.

South Korea recently drew up a cyber security master plan after a wave of hacking attacks against global agencies, companies and its own financial firms.

In April, government-funded Nonghyup, a large commercial bank, suffered a massive network failure that affected millions of users, and Seoul prosecutors said North Korean hackers were responsible for the attack.

In May, hackers breached the personal information of 1.8 million customers of Hyundai Capital, which is owned by Hyundai Motor and GE Capital International.

Shares in SK Comms, a unit of conglomerate SK Group, tumbled 6 percent Thursday.

via Hackers attack South Korean sites; up to 35 mln users affected | Reuters.


Cyber Weapons: The New Arms Race – BusinessWeek

The Pentagon, the IMF, Google, and others have been hacked. It’s war out there, and a cyber-weapons industry is exploding to arm the combatants.

Cyber attacks used to be kept quiet. They often went undiscovered until long after the fact, and countries or companies that were hit usually declined to talk about attacks. That's changed as a steady flow of brazen incursions has been exposed. Last year, for example, Google (GOOG) accused China of spying on the company's workers and customers. It said at the time that at least 20 other companies were victims of the same attack, nicknamed Operation Aurora by the security firm McAfee (INTC). The hacked included Adobe Systems (ADBE), Juniper Networks (JNPR), and Morgan Stanley (MS). Joel F. Brenner, the head of U.S. counterintelligence until 2009, says the same operation that pulled off Aurora has claimed many more victims over several years. "It'd be fair to say that at least 2,000 companies have been hit," Brenner says. "And that number is on the conservative side."

 

via Cyber Weapons: The New Arms Race – BusinessWeek.


Hackers Linking Geeks and Wonks to Respond to National Security Incidents | Atlantic Council

There are many reasons why cyber conflict is considered an awkward and destabilizing national security problem. One of the more overlooked is the gap between the technical elite and senior politicians and policymakers, a disconnect that could become tragic during fast-moving cyber conflicts. While this gap is shrinking in the United States, the United Kingdom, and Russia, it still is very significant elsewhere. China in particular needs to create better ways to connect their national security decision-makers with their technical incident responders – linking geeks and wonks – to help ensure technical incidents do not escalate out of political control.

via Cyber Statecraft: Linking Geeks and Wonks to Respond to National Security Incidents | Atlantic Council.


U.S. and China face vast divide on cyber issues | Reuters

(Reuters) – For two years, academic experts from the United States and China have quietly held talks on cyber-security, straining to establish rules of the road in a realm that has proven a persistent irritant between the world’s two largest economies.

The informal discussions have yielded modest progress in areas such as cooperation to combat Internet fraud, where both Beijing and Washington have an incentive to work together, according to participants.

But mostly, the talks appear to have exposed a wide gap between the United States and China over almost everything virtual: policing computer networks, moderating cyber warfare, even controlling information.

China’s contrasting view of cyber security was made clear as soon as the United States began discussing the need to protect computer networks, James Mulvenon, a China expert at the Defense Group Inc, told a recent Washington conference.

China wanted to talk about censorship. “The Chinese came back immediately and said no, no, no, we want to talk about information security, which is both protecting the network and policing the content on the network,” Mulvenon said.

“Right from the outset, we were talking past one another,” he added.

Digital attacks and cyber snooping on U.S. technology firms and government agencies including the Pentagon, many of them believed to have originated in or been routed through China, have pushed cyber-security up the list of thorny issues troubling Sino-American relations.

While Beijing denies it, U.S. officials and experts suspect China’s hand was behind the hacking and phishing of web-search giant Google Inc. this year and last, as well as intrusions into Pentagon networks.

On Thursday, the Pentagon is due to release its formal cyber-security strategy.

Unlike nuclear, chemical and biological weaponry, or trade wars, there are no existing international treaties that cover cyber-war, computer espionage or hacking.

Former Secretary of State Henry Kissinger, an architect of the U.S. opening with China in the 1970s, told a Thomson Reuters event last month that a high-level agreement between the two sides is needed. “If you take it case by case it will lead to accusations and counter-accusations,” he said.

UNOFFICIAL TALKS FIRST

But so far, there has been relatively little official movement.

The annual cabinet-level U.S.-China Strategic and Economic Dialogue included cyber security for the first time this year, but the session was just 90 minutes long, cut in half by translation and produced no breakthroughs.

The unofficial talks between experts began after China approached the United States with concerns that hacker intrusions were stoking bilateral tension, said James Lewis, a cybersecurity expert who leads the U.S. side of the talks.

The U.S. group and experts from the state-affiliated China Institutes of Contemporary International Relations have covered four areas: law enforcement, trade, military issues and espionage.

Five group meetings and three smaller informal meetings have made headway in the law enforcement area, said Lewis, of the Center for Strategic and International Studies, a Washington think tank.

In one instance, the FBI helped China’s law enforcement agencies by staging raids in New York on Chinese in the United States who were defrauding people back home, he said.

“It’s slow, but I think there’s a little bit of progress,” said Lewis, adding that the goal is to eventually hand the conversations over to official negotiating teams.

SAME WEB, DIFFERENT DREAMS

But the military and espionage tracks have been hard going, highlighting what analysts say is a huge U.S.-China perception gap over values, capabilities, interests — and even basic definitions of deterrence and cyber security.

Analysts say China’s People’s Liberation Army believes its ability to attack U.S. cyber infrastructure compensates for its conventional military weakness compared to the United States.

“I’m quite skeptical of the likelihood that any effective understanding of offensive operations can be reached with the Chinese government,” said Stewart Baker, a former U.S. Department of Homeland Security official, now at the law firm Steptoe & Johnson.

China’s eagerness to acquire foreign technology also has inspired cyber intrusions that anger trade partners.

Hackers based in China have been accused of trying to steal everything from Google’s valuable search algorithm to manuals for U.S. satellites to gigabytes of proprietary business information from Western energy companies.

But China’s spymasters, paradoxically for a centrally controlled government, do not keep a tight leash on hackers and others that they train, said Lewis, whose group will hold its next round of unofficial cyber-security talks later this year.

Lewis said he was skeptical that Beijing was directing the high-value intellectual property theft or could stop it.

“They do train people and they do use proxies but that doesn’t mean that everyone is under their control,” he said.

Even if the United States could verify that China was behind malicious cyber activity and Beijing had the capacity to rein it in, negotiations toward a cyber treaty might require concessions Washington would be loath to put on the table.

Jack Goldsmith, an international law and cyber-security expert at Harvard Law School, says China and other countries would likely demand U.S. restraint in areas such as intelligence gathering and encouraging political activists who challenge curbs on Internet freedom.

“Until the United States gets serious about which concessions that are attractive to our adversaries it is willing and able to make, American talk of a cyber-arms agreement is empty,” Goldsmith wrote recently.

via U.S. and China face vast divide on cyber issues | Reuters.