Another Day, Another Set of Hacking Attacks. News At 11.

By Terry Zink
Terry Zink

While reading Reuters I came across a news article indicating that a number of high profile agencies — from the United Nations to the Canadian Government to government of Taiwan — were broken into over a period of the past five years. From the article:

BOSTON (Reuters) - Security experts have discovered the biggest series of cyber attacks to date, involving the infiltration of the networks of 72 organizations including the United Nations, governments and companies around the world.

Security company McAfee, which uncovered the intrusions, said it believed there was one "state actor" behind the attacks but declined to name it, though one security expert who has been briefed on the hacking said the evidence points to China.

I'll say it right now, even though I haven't been briefed on it. It was China. Continuing:

The long list of victims in the five-year campaign include the governments of the United States, Taiwan, India, South Korea, Vietnam and Canada; the Association of Southeast Asian Nations (ASEAN); the International Olympic Committee (IOC); the World Anti-Doping Agency; and an array of companies, from defense contractors to high-tech enterprises.

"What is happening to all this data ... is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team's playbook), the loss represents a massive economic threat."

...

Some of the attacks lasted just a month, but the longest — on the Olympic Committee of an unidentified Asian nation — went on and off for 28 months, according to McAfee.

"Companies and government agencies are getting raped and pillaged every day. They are losing economic advantage and national secrets to unscrupulous competitors," Alperovitch told Reuters.

"This is the biggest transfer of wealth in terms of intellectual property in history," he said. "The scale at which this is occurring is really, really frightening."

China Connection?

Jim Lewis, a cyber expert with the Center for Strategic and International Studies, said it was very likely China was behind the campaign because some of the targets had information that would be of particular interest to Beijing.

The systems of the IOC and several national Olympic Committees were breached before the 2008 Beijing Games. And China views Taiwan as a renegade province, and political issues between them remain contentious even as economic ties have strengthened in recent years.

"Everything points to China. It could be the Russians, but there is more that points to China than Russia," Lewis said.

This is something that I have written about numerous times, here is a summary of my position:

Not every security researcher is convinced that the evidence points to China. Graham Cluley, of the Sophos Security blog, writes the following:

Furthermore, the report (quite rightly, in my opinion) refuses to name who it believes is responsible for the hack. Nevertheless, the media have leapt to the conclusion, with a nudge and a wink, that it simply must be China.

Despite the lack of any evidence in the report that it is China.

I don't think we should be naive. I'm sure China does use the internet to spy on other countries.

But I'm equally sure that just about *every* country around the world is using the internet to spy. Why wouldn't they? It's not very hard, and it's certainly cost effective compared to other types of espionage.

In other words, China is a good candidate but it really could be any number of countries, each of whom possesses the ability to break in and steal secrets. I think that Cluley is one of the best security bloggers out there and I respect his work a lot. But this obviously points to China:

  1. One of the targets was the International Olympic Committee and the World Anti-Doping Agency in the follow up to the 2008 Olympics which were held in… Beijing. China made a big pomp-and-circumstance around these Olympics. Remember when the little girl lip-synced the lyrics to the national anthem? Or the controversy around the gymnasts who were too young? Who would have a motivation to break into the IOC? A country that wants to look good at the Olympics, that's who.
  2. The Association of South East Asian Nations (ASEAN) Secretariat was hacked. Who would have an interest in hacking that entity? Someone who has commercial interests in that part of the world, that's who.
  3. 13 defense contractors were hacked. Who would hack into a defense contractor? Someone who wants to catch up militarily to the United States. Who announced in 2010 that they had the right to build overseas bases to support naval operations and protect their interests abroad? And just launched their J-20 military plane? China.
  4. Who is competing with Vietnam for an oil rich area? And who has an economic with Indonesia from which to project their military capabilities (in terms of geography — China is blockaded militarily in the South China Sea by the United States)? And, conveniently, what two governments were hacked? China has those interests, and both Vietnam and Indonesia were hacked.

I could go on but those will suffice. The targeted list of countries dovetail right into China's interests. Sure, it could be the United States or Russia or Britain or France or Israel. It's possible but not probable.

The question now is what other nations in the area and around the world are doing to counter it.

By Terry Zink, Program Manager. Visit the blog maintained by Terry Zink here.

Related topics: Cyberattack, Cybersecurity, Networks

Comments