Friday, February 28, 2014
Chinese cyber attacks and how Edward Snowden became their not so secret weapon.
China’s military hackers are back, more brazen than ever. You can thank Edward Snowden.
A year ago, the Internet security firm Mandiant went public with what cyber-war watchers had known for some time: Unit 61398, a secret branch of the Chinese military, had been behind more than 1,000 cyber attacks on Western targets since 2006. Employing thousands of trained cyber warriors housed in a 12-story building in Shanghai — and backed by an enormous militia of part-time hackers — Unit 61398 had been waging a constant war on foreign banks, infrastructure, defense firms and government agencies, including one spectacular 2007 raid on the Pentagon that shut down 1,500 different Defense Department networks.
The resulting international sensation forced a reluctant President Obama to confront the Chinese premier on the issue. Beijing issued its usual furious denial — but the attacks stopped and Unit 61398 fell from the headlines.
But now we know they didn’t stop for long — and the West and the Obama administration are looking as ill-prepared and impotent as ever in dealing with the threat. China’s usual attacks on banks, weapons manufacturers and other juicy targets are now back to almost daily.
The first big attack came as early as late May, when Chinese hackers raided networks at top US defense firms, swiping information on more than two dozen weapons systems.
In October, they hit the Federal Electoral Commission, suggesting the People’s Liberation Army is looking at ways to interfere in the US electoral process.
In December, they launched a series of attacks on the foreign ministries of five countries ahead of the G-20 summit, using an infected e-mail attachment that was supposed to provide updates on the Syria crisis. (Not as clever as Unit 61398’s similar 2011 attack, which used an e-mail promising nude photos of then French President Nicholas Sarkozy’s wife, Carla Bruni.)
The latest outrage came Feb. 11, when evidence revealed Chinese cyber warriors had cracked open the Veterans of Foreign Wars computer system — itself not an obvious security threat, but part of what experts believe was a much broader attack on US military personnel records and files, both past and current.
Most striking is how bold the attacks have grown. The Chinese are apparently so confident we can’t (or won’t) stop them that they’ve gotten sloppy. Examining hacker codes left behind on US military and commercial networks, Internet-security engineers have been finding bits of code identical to Chinese commercial software sold for export by companies with contracts with the People’s Liberation Army.
What has emboldened the Chinese military hackers?
Well that would be Edward Snowden.
The Snowden defection back in June was a double gift for China’s hackers (as well as for Russian ones — the State Department even issued a warning that any cellphone or laptop brought to the Sochi Olympics would almost certainly be hacked there, and its passwords stolen).
The data Snowden brought with him to Hong Kong included a wealth of information about how our intelligence agencies fight and trace hackers, as well as on the NSA’s own hacking efforts in China.
Not only has the information that Snowden carried into China given them the blueprint for how our data gathering system work, but the fact that we have data gathering systems has allowed China, who hacks into American businesses to sell the information to Chinese businesses, to play the moral equivalency game.
If the US does it, how can they point the finger at us?
Here is more from a Newsweek article from November:
"Snowden couldn't have played better into China's strategy for protecting its cyber activities if he had been doing it on purpose,'' one American intelligence official says.
Snowden's revelations quickly veered away from what he called the NSA's "domestic surveillance state" to overseas espionage by the United States. After fleeing to Hong Kong, he provided local reporters with NSA documents and told them the United States was hacking major Chinese telecommunications companies, a Beijing university and the corporate owner of the region's most extensive fiber-optic submarine cable network. That information, government officials and industry experts say, is now used by the Chinese to deflect criticisms of their hacking, both in meetings with the administration and at cyber security conferences.
The activities of the two sides, however, are vastly different in scope and intent. The United States engages in widespread electronic espionage, but that classified information cannot legally be handed over to private industry. China is using its surveillance to steal trade secrets, harm international competitors and undermine American businesses.
In Snowden's zeal to be the next Daniel Ellsberg he has instead become perhaps the worst American traitor since Aldrich Ames.
If Snowden had released his information to journalists here in the country, and kept the stolen data within American borders, he could rightfully be called a hero.
But taking such sensitive material out of the country, and reporting on our data gathering process to nations with an adversarial relationship with America, Snowden has not only placed our state secrets in jeopardy, he has also irrevocably damaged out ability to deal with cyber attacks, or hold those who do them accountable.
Source
0 comments:
Post a Comment