More

Gerry Smith
Gerald.Smith@huffingtonpost.com Become a fan of this reporter
GET UPDATES FROM Gerry
 

Chinese Cyberspying Debate Renewed By Security Firm Report

China Cyber Spying

First Posted: 08/03/11 09:27 PM ET Updated: 10/03/11 06:12 AM ET

Inspiring
 Funny
 Obsolete
 Scary
 Must-Have
 Amazing
 Innovative
 Nerdy

As a massive cyberspying operation came to light on Wednesday, revealing more than 70 targets in 14 countries, security experts pointed the finger at a familiar culprit: China.

The report by the security firm McAfee did not say who was behind the operation, but the timing of the spying and the list of targets -- which included South Korea, Japan and Taiwan, but not China -- renewed speculation that Beijing is actively engaged in cyber espionage to steal state secrets and intellectual property.

"Who else is going to spy on Taiwan?" asked James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies.

The report detailed a five-year campaign to steal closely-guarded national secrets, source code, email archives and negotiation plans from governments, companies and nonprofit agencies around the world, including the United Nations, the International Olympic Committee and a Department of Energy research laboratory. Forty-nine of the 72 identified targets were located in the United States, the report said.

In one example, hackers began spying on the computer networks of the International Olympic Committee and the Olympic committees of two unidentified Asian countries and one Western country in the months leading up to the 2008 Olympic Games in Beijing, the report found.

In another, hackers infiltrated the system of the Association of Southeast Asian Nations Secretariat for 10 months starting in October 2006, one month before the organization's annual summit in Singapore. China is not a member of ASEAN.

The attacks, when seen in the context of those geopolitical events, strongly suggest that China was involved, experts say.

"When you look at the attacks and the motivation behind them, all roads are leading to Beijing," said Harry Sverdlove, chief technology officer at the security firm Bit9.

The report was not the first to raise speculation about China's involvement in cyber espionage. More than a year ago, a string of cyber attacks nicknamed "Operation Aurora" affected more than 30 companies, including Google, which claimed that Chinese hackers stole its intellectual property and tried to break into Gmail accounts of U.S. government officials, Chinese activists and foreign journalists.

At a press conference in June, Chinese Foreign Ministry spokesman Hong Lei denied the country's role in the attacks against Google, saying Beijing "staunchly opposes" computer hacking and has been a victim of cyber attacks itself.

And other security experts caution against quickly blaming China for cyber espionage. They say attributing such operations is difficult because hackers have become increasingly adept at disguising their origin.

"We have hard evidence of some early attacks coming directly from China, but recent attacks are harder to attribute with substantive evidence," said Alan Paller, director of research at SANS institute, a training organization for cybersecurity professionals.

Two years ago, Canadian researchers discovered a widespread cyberspying operation called "GhostNet," which had attacked nearly 1,300 computers in more than 100 countries, mainly in Southeast Asia. The intruders had gained access to emails from the Dalai Lama’s organization, leading to speculation that China may have been involved.

But while most of the hackers' computers were controlled from China, the researchers did not point the finger at the Chinese government.

"Attributing all Chinese malware to deliberate or targeted intelligence gathering operations by the Chinese state is wrong and misleading," said the report by researchers at the Munk Center for International Studies at the University of Toronto. "With more creative people using computers, it's expected that China (and Chinese individuals) will account for a larger proportion of cybercrime."

Sverdlove said he was not surprised that McAfee and other security researchers have not directly blamed China. He said there is pressure, particularly on government leaders, not to point fingers at other countries for cyberspying because it leads to an uncomfortable question.

"There's pressure to not name names because the consequences of doing so are still unknown," he said. "If China is stealing state secrets, the next question is: 'What do we about that?'"

FOLLOW HUFFPOST TECH

As a massive cyberspying operation came to light on Wednesday, revealing more than 70 targets in 14 countries, security experts pointed the finger at a familiar culprit: China. The report by the se...
As a massive cyberspying operation came to light on Wednesday, revealing more than 70 targets in 14 countries, security experts pointed the finger at a familiar culprit: China. The report by the se...
Related News On Huffington Post:
 

More in Technology...


 
 
  • Comments
  • 130
  • Pending Comments
  • 0
  • View FAQ
Comments are closed for this entry
View All
Favorites
Recency  | 
Popularity
Page: 1 2 3  Next ›  Last »  (3 total)
hereIamHuff
21 Fans
11:37 AM on 08/05/2011
The Chinese are trying to steal their way to the top. Why isn't the world community responding? http://www.itworld.com/security/190077/why-west-silent-5-year-cyberwar-launched-china
Permalink  |
HUFFPOST SUPER USER
Benjamin Rosenfeld
101 Fans
 
01:56 PM on 08/05/2011
Because China has the financial capability to destroy the United States, an act which would most definitely be mirrored in economies worldwide as stock markets race to the bottom.
History  | Permalink  |
photo
netzwerg
345 Fans
09:11 AM on 08/05/2011
" you can't route traffic from china too well as they have 'the great firewall'"

That's very easy, I do it all the time to access the awesome chinese MP3 websites that require a Chinese IP.

Here's a list of 643 Chinese servers you can use as a proxy: http://nntime.com/proxy-country/China-01.htm
Permalink  |
photo
HUFFPOST SUPER USER
ConcernedCitizen78
35 Fans
10:09 AM on 08/05/2011
So it is easy for any person or agency who wants to cause mischief for China to 'hijack' a Chinese IP address (and even Chinese computers) the way you have done and launch cyber attacks against any country, then blame the Chinese for launching the attacks!

See my comments 09:48 PM on 8/03/2011 [quote] Firstly, if you were Central Spy Agency A spying on Taiwan, Japan or South Korea AND you wish to cause dissension between, say, China and Taiwan, or China and Japan, wouldn't it be convenient to hijack some computers in China to launch your attacks? You now have not only "plausible deniability" but China gets the blame as well! [unquote]

It may very well be the security software company that warns you about these attacks! It’s like the gangster chief who sends some of his men to harass your business in the neighborhood, then sends some others of his men to “advise” you to pay protection money so he has an interest to protect you!
Permalink  |
photo
Help Meet
0 Fans
09:17 PM on 08/04/2011
Fullerton Police in California Murdered Kelly Thomas a homeless mentally ill man. They beat him into a coma, he died 5 days later. Police in the United States are killing every day. Something must be done. Enough is Enough.
Permalink  |
rusty-jade
32 Fans
05:59 PM on 08/04/2011
That's how the Chinese used this US funding, to train hackers! See: http://finance.yahoo.com/news/Senators-urge-end-to-US-apf-3973667824.html?x=0
Permalink  |
photo
HUFFPOST SUPER USER
Mickey Bitsko
Your sink is shipping
376 Fans
05:45 PM on 08/04/2011
"Attributing all Chinese malware to deliberate or targeted intelligence gathering operations by the Chinese state is wrong and misleading"

But you will mislead us to believe that Eastern Europe or Iran has a vested interest in hacking computers in Taiwan, Japan and/or Korea along with the US maybe.
Permalink  |
photo
HUFFPOST SUPER USER
cybersense
787 Fans
01:54 PM on 08/04/2011
Or china is allowing another country op to filter who is.
Permalink  |
This user has chosen to opt out of the Badges program
photo
rnsone4life@yahoo.com
79 Fans
01:18 PM on 08/04/2011
Yeah right, I'll place my bets on I s r a e l..they spy on us, we give them the most aid by far than any other nation.they get all their $$ upfront in January,so the we actually have to borrow it n pay interest on it, while they sit on it n collect interest on it! Yet they continue to spy on us.
Permalink  |
photo
AnonK9
45 Fans
 
05:22 PM on 08/04/2011
Protip: Not everything revolves around Israel, no matter what your paranoid, foilhatter nightmares tell you.
Permalink  |
This user has chosen to opt out of the Badges program
photo
rnsone4life@yahoo.com
79 Fans
11:31 AM on 08/08/2011
Funny you don't address the FACTS,instead you resort to name calling..
Permalink  |
photo
crankyCrackPot
Don't judge a book by its movie
396 Fans
12:39 PM on 08/04/2011
While the US strives to weaponize space, the Chinese are working on cyberspace and winning.
They will be able to win future wars without firing an actual gun.
Permalink  |
This user has chosen to opt out of the Badges program
photo
Eris23
Justice is in indefinite detention.
482 Fans
01:08 PM on 08/04/2011
You think the US hasn't done the same with cyberspace?
Permalink  |
photo
crankyCrackPot
Don't judge a book by its movie
396 Fans
01:35 PM on 08/04/2011
They have certainly tried but are falling well behind.
I didn't mean for my comment infer exclusiveness, just success and relevance.. Similarly, China is weaponizing space as well, their new GPS system for instance puts ours to shame.
And if needed, their cyberspace efforts combined with their advances into outer space probably already give them the ability to shut down or at least significantly hinder our military and commercial GPS systems.
Permalink  |
This user has chosen to opt out of the Badges program
photo
VPutin
Signal in the sky
15 Fans
11:56 AM on 08/04/2011
Oh China China China..is it not enough that you own the USA and now you want to destroy it?
Permalink  |
photo
bendbutler
15 Fans
10:07 AM on 08/04/2011
Why send a spy when you can get the same information through hacking. There is no doubt this is the future of espionage.
Permalink  |
photo
netzwerg
345 Fans
10:15 AM on 08/04/2011
This has been going on for years, but now the Chinese seem to get the upper hand over the Americans.

China embarrasses US in NSA hacking contest -- National Security Agency-backed TopCoder Open competition raises big questions

http://www.computerworlduk.com/news/careers/15144/china-embarrasses-us-in-nsa-hacking-contest/
Permalink  |
photo
netzwerg
345 Fans
10:19 AM on 08/04/2011
"According to a recent Newsweek article, there are approximately 1,000 elite cyber warriors in the US, while as many as 20,000 are needed."
http://www.pctools.com/security-news/hacker-education/

China probably has a lot more elite cyber warriors than the US now.
Permalink  |
photo
greyhound2
227 Fans
09:49 AM on 08/04/2011
Recently the Defense department announced it considered computer hacking an "Act of War". So when do we start the launch sequence?
Permalink  |
This user has chosen to opt out of the Badges program
photo
neo-moderate
113 Fans
10:03 AM on 08/04/2011
That would be like attacking the bank that owns your mortgage, we're not going to do squat against China, they are our source of funding. They pretty much own us....they probably believe they have the right to keep tabs on us, to try to protect their investment.
Permalink  |
This user has chosen to opt out of the Badges program
poster1122
117 Fans
12:39 PM on 08/04/2011
They actually own only about 10% of our debt, roughly a little more than Japan. If they stopped buying, in this uncertain world, now that the debt ceiling crisis is temporarily abated, there would be plenty of other buyers looking for liquidity. Nothing is more liquid than US Treasuries except for cash itself.

The reason why we don't go to war with them is the same reason we don't go to war with Russia, which also has its cyberwarriors but which we don't rely on for funding: they've got a fairly good sized arsenal of ICBMs.

Most people tend to prefer their cities not smoldering from radioactive fallout. No one is going to institute WWIII because they steal our secrets or we steal theirs. Otherwise, we would've nuked ourselves out of existence several times over because of the various spy scandals that get uncovered from time to time.
Permalink  |
photo
HUFFPOST SUPER USER
Mickey Bitsko
Your sink is shipping
376 Fans
05:57 PM on 08/04/2011
Why not, the chance of finding your mortgage files under all the scorched earth could be from slim to not in the next 30-40 years.
Permalink  |
photo
netzwerg
345 Fans
10:22 AM on 08/04/2011
Isn't the US bankrupt enough yet?
Permalink  |
photo
HUFFPOST SUPER USER
Jeff Forsythe
22 Fans
09:40 AM on 08/04/2011
Now that we have all these wonderful trade ties with the Chinese Communist Party (CCP) and the money is flowing and tourists are touring, possibly a member of some government will mention human rights , which does not exist in Communist China.

At the same time, because of greed, people the World over have forgotten how evil communism is.

The Governments of the Western World are fully aware of the brutality of the CCP but have overlooked its countless crimes against humanity because of corporate greed.

These crimes include torture, organ harvesting from living donors, child slavery and murder. Right this moment the CCP is attempting a cruel genocide of tens of millions of innocent Falun Gong practitioners.
These issues have to be approached and it is the duty of our Governments to first acknowledge them and then do everything in their power to right them. Thank you for your consideration.
Permalink  |
This user has chosen to opt out of the Badges program
photo
neo-moderate
113 Fans
10:09 AM on 08/04/2011
So...does our corporate greed and Capitalism sound any better because we look the other way on these issues? We're enablers. We let them do this to their own people because we're greedy and want their cheap labor to make our useless c_r_a_p. Oh, and we want their money....so we can fund wars on other, less powerful countries for the same atrocities going on in China. We take a "strong stance" against dealing with communist countries like Cuba, but we turn a blind eye toward China because they pose a real threat.
Permalink  |
Gaylord P Farqua
Herb Gardner Amateur Chef, Historian and Political
1911 Fans
09:31 AM on 08/04/2011
Maybe now that Murdoch's hackers are temporarily unemployed they could be hired to bury Chinese systems in orders for Kung Pao chicken  and won ton soup. Or a special favorite: boycott Chinese made products until the incidence of hacking disappears.  Since our economy is screwed and unemployment is soaring that should not be too hard to do.
Permalink  |
HUFFPOST SUPER USER
William J Unverferth Sr
Snark attack.
114 Fans
09:11 AM on 08/04/2011
Program your routers to reject all IPs that can be geolocated to china or any where you might think they are dubious.
Permalink  |
My 2 Cents
4 Fans
09:20 AM on 08/04/2011
Have you checked the BIOS in your Chinese manufactured electronics lately? Keylogging anyone? Just because I'm paranoid, doesn't mean they're not out to get me... :-)
Permalink  |
This user has chosen to opt out of the Badges program
photo
neo-moderate
113 Fans
10:10 AM on 08/04/2011
I wonder if they have enough people to sift through all that data...
Permalink  |
This user has chosen to opt out of the Badges program
photo
Eris23
Justice is in indefinite detention.
482 Fans
01:11 PM on 08/04/2011
Proxy. Geolocation issue solved.
Permalink  |
HUFFPOST SUPER USER
William J Unverferth Sr
Snark attack.
114 Fans
01:13 PM on 08/04/2011
Screen proxies
Permalink  |
xtiangodloki
139 Fans
09:03 AM on 08/04/2011
From the article: "If China is stealing state secrets, the next question is: 'What do we about that?"

The answer is simple: You hire more, better hackers. Which is exactly what NSA is attempting to do at Def Con (world's largest hacker convention in Vegas), again. It's also no coincidence that this news came out at this time, because Def Con is going on this week and the security firms wish to advertise themselves by playing on nationalism amid talks to reduce the defense budget. Unfortunately, black hat hackers don't come in cheap as they can make a lot more stealing credit card info from Sony, so if Americans buy into this stuff then they should be prepared to pay.
Permalink  |
Page: 1 2 3  Next ›  Last »  (3 total)