Chinese Cyber Attacks
Time is running out for the Obama administration to decide if China is sticking to a September deal to eradicate corporate hacking.
During the past several months, American leaders have pushed back against accusations that Beijing has not dialed its hacking apparatus down. The White House insists it will take months to assess if the Asian power is keeping its word to cease conducting – or at least supporting – financial espionage.
Pressure will grow after the first of the year if some type of metric isn’t developed that can show if China is sticking to the trade deal.
“We have to trust, but verify,” said House Homeland Security Committee Chairman Michael McCaul. “I don’t think China is being held responsible.”
As far back as 2008, Chinese computer hackers penetrated the data systems of American businesses and government agencies. The damage has included stolen proprietary information and even access to some power plants. Some observers attribute power outages in Florida and the Northeast to the Asian band of hackers.
“It [the blackout] has been tracked to the PLA,” Bennett told the National Journal.
Major parts of the Northeast were affected, and approximately two million homes were driven into darkness.
American officials have never acknowledged that the power outage involved foreign intrusion. Inspectors claimed the power outage was caused by huge trees that touched high-voltage wires in Ohio, which then triggered a cascading collapse and the closing down of over 90 power stations. Power was restored to a large part of the area within a day.
The American government has consistently denied any Chinese involvement, but American intelligence has not ruled out China as a bit player.
Bennett has testified in front of Congress about the weakness of data systems. During his testimony, he looked at an incident in February 2008 which hit 3 million consumers in southern Florida.
That outage blacked out the east coast of the Sunshine State. Eight power plants were taken out. Federal officials hired investigators to search the outage for proof of a system infiltration and to dissect the episode to understand if China’s hackers had played a part.
Speaking on the condition of anonymity, another data-security expert backed up Bennett’s description of the incident. The expert claimed that a Chinese hacker was mapping the power grid, entered a wrong portion of the code and triggered the dominoes of the power structure to start falling.
While power company officials have blamed the blackout on an inept power worker who tripped a breaker, governmental authorities are still reviewing the matter. Experts say the Chinese hackers have devoted resources to charting the electrical infrastructure, a claim supported by the then-current Vice Chair of the Joint Chiefs of Staff.
Tom Donahue, former chief of cyber-security for the Central Intelligence Agency, claimed hackers had broken into computer systems belonging to utility organizations outside of America and had even demanded ransom. Donahue, speaking at a gathering of security officials, said he speculated that the cybercriminals had some inside knowledge, and that in one instance an intrusion created a power blackout that hit multiple municipalities at once.
Numerous computer-security specialists, including Bennett, feel the CIA’s assertion regarding international incidents was meant to alert American businesses that interruptions within America could happen easily.
U.S. officials are also concerned the Chinese are adopting long-established hacking procedures to swipe sensitive data from American government agencies.
According to Bennett, one big American business saw its strategic information obtained by China before business negotiations. The American delegation sat down at the negotiating table and realized the Chinese knew every gambit to each important bargaining point.
In December 2007, software was found on machines used by Commerce Secretary Carlos Gutierrez and other people on the American trade committee during a Beijing trip.
Gutierrez was in the Chinese capital with the Joint Commission on Commerce and Trade to discuss intellectual property licenses, market entry, and customer product security.
The spyware applications opened channels to networks outside the secure system and downloaded contents of infected devices on a regular basis. The Gutierrez compromise caused huge anxiety in the Bush presidency.
Rich Mills, a Commerce Department spokesperson, told National Journal that he could not validate the allegations, but added that the source’s assertion that the committee was imperiled did have some truth.
The CEO of Cybrinth, Stephen Spoonamore, told National Journal that Chinese cybercriminals attempt to map the systems of his customers on a regular basis. Officials from several Fortune 500 corporations, all unnamed, had data-swiping code on their laptops while visiting China, the same fate that hit Gutierrez.
Spoonamore says the American government needs to be open about the violations. “By not speaking honestly, they are turning a national defense issue into something worse,” he said.
A Rising Menace
Bennett noted that Chinese cybercriminals are excellent and becoming better. The subject has attracted the notice of Congressman Jim Langevin, D-R.I., chair of the Homeland Security’s Emerging Threats and Technology panel.
“Asia has been a main concern. The penetrations of American networks have been followed to hackers inside China,” Langevin said.
China does not make a big distinction between cybercriminals who are government employees and ones who are contracted by the state. With a tremendous supply of Chinese individuals and students, the Chinese regime has not discouraged anyone from trying to hack American businesses.
So-called “patriotic-hacker” factions have consistently launched cyber attacks from inside China. These attacks are typically targeted at people they believe have hurt the nation. At the least, the Chinese regime has done nothing to shut the groups down.
High-profile hacks have been happening for some years. An anonymous hacker broke into the email for Defense Secretary Robert Gates’s office in 2007. The Pentagon responded by shutting down over 1,000 computers and said the breach did not cause any harm.
The Department of Homeland Security, responsible for guarding private computer networks, was hit in over 840 attacks between 2005 and 2007. An application created to take a server’s security keys had been planted, and debate still rages about whether the thief stole data that could endanger American policies.
“The invasions we’ve observed are on unsecured networks that are less shielded than secure systems,” said Bennett.
The Private Sector Foot-Dragging
If there has been no serious impact on government operations, why are officials blowing the whistle about system attacks and Chinese hacking?
Some of the answers are found in fresh assessments of the threat. Officials point to data showing that intrusions are growing in quantity and sophistication. Without naming China, Robert Jamison, a top security chief with DHS, told reporters, “We’re worried that the invasions are becoming more common.”
Federal authorities are more anxious about the private sector’s inability to stop the attacks.
Michael Tanji, a retired intelligence official with the Defense Intelligence Agency, says that recent alerts aren’t part of a federal conspiracy to inflate the threat.
“Having worked on these threats in the past, I had to notify conspiracy theorizers that I’ve been a cynic of allegations about the ability to close down the planet via the Internet. However, I understand that the disregard of utility system owners may just demand a greater acknowledgment than has been seen so far.”
Tanji’s comments speak to a bothersome reality of the current cyber-security policy. Since much of the electrical grid in America is in private hands, the government is challenged in compelling utility owners to watch their systems more efficiently. The FBI and DHS have set up groups where industry executives can discuss their obvious vulnerabilities in private, but membership isn’t compulsory. Some of the systems that utility owners use were designed by third parties. Software produced abroad poses a threat since malicious code may have been inserted in the software during its creation.
The Defense Department is also raising concerns. In a recent paper on China’s military power, the Department of Defense said, for the first time, that strikes against government systems appear to have originated in China.
“Various computer networks globally, including ones owned by the American government, were subjected to invasions from China,” according to the report.
The military isn’t sitting back while it waits for China to strike a deadly blow. In March, Kevin Chilton, former chief of American Strategic Command, announced the Pentagon has established its cyber warfare plans. “Our difficulty is to determine and shape a cyber-force second to none,” Chilton told the Senate Armed Services Committee.
The U.S. Air Force is initiating a Cyberspace Command committed to the idea that the next battle will be waged in the electromagnetic arena and that computers will be used as military weapons. In a television advertising campaign meant to drum up support, the spot declares, “You used to require an army to conduct war. Now all you need is connection.”
Military and intelligence experts have been caught off-guard by China’s rapid cyber advances. “Chinese martial tacticians have adopted cyber attacks as weaponry in their military stockpile,” General James Cartwright told the U.S.-China Economic and Security Review Commission. Cartwright declared that the outcomes of a cyberattack “could be in the measure of a weapon of mass destruction.”
Andrew Palowitch, now an adviser to the U.S. Strategic Command, cited statistics, furnished by Cartwright, that over 36,000 breaches of government and private networks happened in 2007. The Defense Department experienced over 750,000 computer attacks and some of the attacks “reduced the military’s capabilities,” Palowitch said.
Then-President George W. Bush waited until the end of his administration to act. Many security experts were surprised that Bush was slow to take measures to improve the security of government networks. Despite Cabinet-level and White House officials warning about the threat for years to anyone who would listen, Bush gave little top-level support for a comprehensive cyber-security plan. “He ignored it,” one former senior administration official flatly stated.
Mike McConnell, retired Director of National Intelligence, personally drove the point home to Bush in an Oval Office meeting in 2006.
Lawrence Wright, writing in The New Yorker, said that McConnell informed Bush during the meeting, “If the 9/11 perpetrators had concentrated on a single U.S. bank through cyber attacks, it would have had an order-of-magnitude impact, on the American economy, greater” than the planes going into the Twin Towers.
Disturbed by the remark, Bush turned to then-Treasury Secretary Henry Paulson and asked if McConnell was correct. Paulson reassured the president he was.
The meeting finally nudged the White House out of its atrophic state. Bush issued an executive order to strengthen government-network defenses.
Known as the “cyber-initiative,” the order was issued in January and remains classified. Insiders report that the mandate empowers the National Security Agency to observe federal computer systems and roll back a number of government connection points to the public Internet.
Limiting connection points is the same thing as pulling up drawbridges. Security experts say the government can do little and the idea of “unplugging” from the Internet to ward off intrusions shows the lack of government preparation.
Considering the political repercussions that could happen from a determined Chinese attack, skeptics have wondered if the Chinese are really behind the high-profile events.
Bennett acknowledges that it is technologically challenging to pin down the origin of any cyber attack. Notwithstanding his certainty that the administration has traced cyber-attacks to China, others are urging prudence.
“We want to identify an actual villain, so we’re looking globally,” Bennett said. Bennett notes that some hackers instigate their cyber-attacks through networks based in other nations and that China is an obvious cover. “I believe all of us should learn that not all you see is accurate.”
Amit Yoran, the first director of DHS’s National Cyber Security Division, echoed Bennett’s thoughts. “I believe it may be ignorant to insinuate that everything that claims to come from China comes from China.”
Even skeptics doubt that China is seeking offensive cyber-capacity. Military examiners say the Chinese realize their limitations in matching America’s military in a head-on confrontation. The disparities have made Chinese military planners adopt what the Pentagon calls “asymmetric” methods.
American military officials see cyber-warfare as just one of various techniques to interrupt an enemy’s command and control system. The Chinese plan is not to beat American military might, but to make it more difficult for the U.S. military to succeed.
China’s fighting history has been characterized by asymmetric hostilities, says Harry Harding, an expert on Chinese/American relations. If the American government works to defend its operations, the Chinese will pivot to the private sector, and Harding points to the economic services industry as an apparent objective. “I have no uncertainty they [China] are doing this,” said Harding.
Based on a story in National Journal.