Claims that China-based teams are cyber spying on West
AMERICAN cyber security and consultancy company, Mandiant, has published a report giving the most detailed claims of Chinese cyber espionage so far and linking them to a Chinese military unit.
The report, published in January 2013, says there is sufficient evidence to conclude that these hacking groups are based primarily in China and the Chinese government is aware of them.
China has rebuffed the Mandiant report, stating it has ‘no factual basis’. The Mandiant report alleges that a Chinese hacking group from the People’s Liberation Army (PLA), called APT1 (Advanced Persistent Threat) has stolen hundreds of terabytes of sensitive commercial and government data from 141 organisations across 20 industries and 15 countries since 2006.
The report endorses a document, produced by all 16 US intelligence agencies, which concluded that many of the Chinese hacking groups are either run by army officers or are contractors working for Chinese intelligence.
US investigators say they have traced the military unit alleged to be carrying out the hacking to a 12-storey office block in the Pudong area of Shanghai, estimated to have a staff of hundreds or even thousands.
Cyber attacks are normally anonymous and trans-national, making it very difficult to trace the origins of attacks. The report says that when the unit establishes access to a victim’s network via a cyber attack, it continues to access the targeted person or institution periodically over several months or a year. Recent Chinese cyber attacks are also believed to have targeted journalists, lawyers and human rights activists, and their network of people in power who potentially have influence over political decisions made by governments and parliaments in Western democracies.
The Mandiant investigation has also found that APT1 has targeted at least four of the seven strategic emerging industries that China identified in its most recent five-year plan.
Activities focus in particular on the strategic emerging industries and green technology to which the Chinese leadership has given enormous regulatory and market advantages.
Espionage attacks can also find sensitive information on the negotiating strategies of international rivals for company takeovers or other business deals.
The world’s best-known computer search engine, Google, has accused Chinese hackers of stealing large amounts of intellectual property and sensitive customer data in what has become known as Operation Aurora.
A total of 30 more US high-tech companies, including Adobe and Cisco Systems, are believed to have been attacked from China, according to US press and analytical reports published in 2010.
A joint investigation by 14 US intelligence agencies in November 2011 informed the US Congress that China and Russia were the leaders in the state-sponsored digital theft of trade secrets and technology. The FBI (Federal Bureau of Investigation) says it has proof of more than 90,000 cyber attacks on the Pentagon from China in 2009 alone.
The attacks on the energy industry reportedly caused losses of more than US$38 billion (30 billion euros). The attacks have demonstrated that targets now increasingly include global corporate and commercial targets.
Western intelligence sources believe there are 500,000 to one million private Chinese hackers involved in industrial attacks, in addition to those allegedly carried out by its intelligence agencies.
These hackers reportedly work as ‘freelancers’ for the Chinese government, the intelligence services and industry.
The Chinese government officially denies all Chinese cyber attacks and claims that its own cyber warfare strategies are wholly defensive. Chinese experts say that cyber crime is also rocketing in China and becoming increasingly professional and well-organised.
Chinese sites were reportedly attacked around 144,000 times each month in 2012 – two thirds of these came from the US (62.9 per cent), according to China’s defence ministry.
It says cyber attacks on its own computer networks are targeting China’s rapidly expanding oil and gas pipelines and electricity networks.
The mounting problem has changed the way America approaches cyber security. Chinese cyber attacks are now perceived to be so aggressive and all-pervasive that US companies have demanded their government put China under strong political pressure. But Beijing has itself called for international ‘rules and cooperation’.
the increasing cyber attack capabilities of ‘rogue states’ like North Korea and Iran, and those of trans-national cyber crime organisations, are expected to increase significantly and present highly-industrialised countries like the US and the EU-27 member states with new security threats.