Intelligence Report: China Targets U.S. with Cyber-Espionage
By Barry Levine / CIO Today. Updated February 11, 2013.
It seems like the premise of a Cold War novel. A new intelligence assessment concludes that the United States is the target of a sustained campaign of cyber-espionage being directed out of China.
According to a report in Sunday's Washington Post, the National Intelligence Estimate pinpoints China as aggressively attempting to infiltrate the computers of American companies and governmental agencies, as a way to gain economic leverage. The report cites "individuals familiar with the report," who spoke on condition of anonymity.
The Estimate is the consensus view of U.S. intelligence agencies, and it said the sustained hacking attacks over the last five years targeted a variety of economically critical industries, including finance, energy, IT, aerospace and automobiles. The financial impact is not included in the report, but the Post story said that outside experts estimate the impact as being in the tens of billions of dollars. The Chinese government has consistently denied any role in cyber-attacks.
Stream of Stories
A steady stream of stories in the last few years have consistently pointed to major, organized hacking efforts originating in China.
A survey last spring of IT professionals by security firm Bit9, for instance, found that 64 percent of respondents expected their organization to be the target of an organized cyber-attack within six months. Among those who expressed concern about attacks from specific nations, China was tops.
In February of last year, Nortel Networks revealed that hackers, thought to be based in China, had access to the company's internal network for almost a decade. The hackers obtained technical papers, R&D reports, business plans, and internal e-mails, among other documents. There were indications that some of the data was sent to e-mail addresses in Shanghai.
In August 2011, a report from security firm McAfee detailed sophisticated cyber-attacks over five years on 72 organizations, including the United Nations, the International Olympic Committee, the government of India, and military contractors and steel companies in the U.S. Although the attacker was not identified, some security experts said there were signs pointing to China -- including the fact that Chinese institutions and companies were not targeted.
U.S. Reviewing Options
In June 2011, Google reported that a cyber-attack, originating in China, had attempted to steal Gmail user names and passwords, including those of U.S. government officials and Chinese political activists. Google's report was substantiated by one of the U.S. diplomatic cables released by WikiLeaks. The cable, sent by the U.S. Embassy in China to Washington, D.C., reported that it knew of a "Chinese contact" who confirmed that country's role in the attack.
There have also been cyber-attacks that reportedly came from China on the network security company RSA Security, the defense contractor Lockheed Martin, and The New York Times, The Wall Street Journal and The Washington Post.
The Post noted that the Obama administration is reviewing options to combat online attacks, including those on trade secrets, through formal diplomatic protests or expulsion of Chinese diplomats, complaints filed to the World Trade Organization, and other measures.
The Intelligence Estimate noted that hacking for economic intelligence has also been conducted by Russia, Israel and France, but said their efforts were minor compared with the attacks emanating from China.