U.S. businesses and government agencies are facing increasing risks of potential cyber attacks from China, according to a recent report. And IT departments that react defensively to such attacks may not be doing enough to prevent a “long term, sophisticated computer network exploitation campaign” by the Chinese military, warns the “Report on the Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation.”
The report indicates that “The Chinese military, using increasingly networked forces capable of communicating across service arms and among all echelons of command, is pushing beyond its traditional missions focused on Taiwan and toward a more regional defense posture.” And in the event of an armed conflict, the Chinese military would likely attack U.S. computer network, the report says.
Cyber attacks are not new to U.S. companies. China is the suspected origination of a cyber attack in 2008 on U.S. oil companies. A law firm representing a Santa Barbara, Calif., company that sued China for allegedly pirating its Internet content filtering software, in January reported that it has been the target of cyber attacks from within China. The firm had filed a $2.2 billion federal lawsuit on behalf of Cybersitter LLC, alleging the Chinese copied its codes and incorporated them into censorware used to block Chinese citizens’ access to sites deemed politically undesirable by the government.
And David Drummond, Google Inc.’s senior vice president for Corporate Development and chief legal officer, blogged about how intellectual property was stolen from his company in mid-December.
“Like many other well-known organizations, we face cyber attacks of varying degrees on a regular basis,” Drummond wrote. “However, it soon became clear that what at first appeared to be solely a security incident — albeit a significant one — was something quite different.”
Drummond said the December cyber attack turned out to involve at least 20 other large companies from a variety of businesses, including the Internet, finance, technology, media and chemical sectors. In this case, the attack appears to have been perpetrated to access the accounts of certain Chinese human rights activists. Yet the attack was significant enough to cause Google to review other attempts that occurred over the past year, and to re-evaluate the feasibility of its business operations in China, he said.
The types of information often targeted for exfiltration may have no monetary value to cyber criminals like credit card number or bank account information, the report says. Nevertheless, the report warns that “China is likely using its maturing computer network exploitation capability to support intelligence collection against U.S. government and industry …” and that “the problem is characterized by disciplined, standardized operations, sophisticated techniques, access to high-end software development resources, a deep knowledge of the targeted networks, and an ability to sustain activities inside targeted networks, sometimes over a period of months.”
“If Chinese operators are, indeed, responsible for even some of the current exploitation efforts targeting U.S. government and commercial networks, then they may have already demonstrated that they possess a mature and operationally proficient computer network operations capability,” the report concludes.
The report was prepared by Northrup Grumman Corp. for the U.S.-China Economic and Security Review Commission, which was formed in 2000 to monitor, investigate, and provide recommendations to Congress on the national security implications of the bilateral trade and economic relationship between the United States and the People’s Republic of China. To view the report in its entirety, visit http://www.uscc.gov/researchpapers/2009/NorthropGrumman_PRC_Cyber_Paper_FINAL_Approved%20Report_16Oct2009.pdf.
The Associated Press contributed to this article.
Was this article valuable?
Here are more articles you may enjoy.