U.S. experts are concerned by the growing number of cyber attacks coming from China. According to Akamai Technologies’s recent report, one-third of all observed computer attacks from July through September last year came from China. The report noted, "China has been consistently responsible for the largest percentage of observed attacks since (the fourth quarter of) 2011." While some of the attacks on western businesses seem intricate and complicated, the majority of hacks have been described as a swarm of relatively unsophisticated but persistent attempts to gain access.
Using a practice known as “spear-phishing” has proved successful for hackers targeting western businesses lately. "Spear-phishing" is a technique of disguising an email so that it seems to be sent from a legitimate source. This lures the victim into opening an attachment or clicking a link that unleashes malicious software on the computer and infects the company directory. Thomas Parenty, a former employee of the U.S. National Security Agency who now advises foreign firms in China on computer security explained, "To do a spear-phishing attack of this kind is a well-established move in attacks against Google and various U.S. defense contractors from China."
The hackers’ most recent siege seems to be specifically targeting Media Outlets like the New York Times and the Washington Journal. Shawn Henry, a former FBI cybersecurity specialist and current president of CrowdStrike Inc., a computer-security firm explained, "We know there are campaigns that are launched by specific groups targeting specific sectors. When governments are actively collecting intelligence, they have developed subject-matter experts in particular industries." In the first instance the hackers accessed the New York Times' system and collected the passwords of all their employees. Paula Keve, a spokeswoman for Journal publisher Dow Jones, noted in a written statement Thursday, “Evidence shows that infiltration efforts target the monitoring of the Journal's coverage of China and are not an attempt to gain commercial advantage or to misappropriate customer information.”
The attacks are about gaining Information, not identity theft. According to Parenty, "In the past they've been pretty much focused on either intellectual properties, such as the hacking of defense companies, or dissidents they want to get at, like the Google Gmail attacks. In this case, it appears they were trying to be able to get to people who talked to The New York Times -- they could make their lives miserable and send the message: Don't do this… They love to instill fear so people self censor or limit what they would say or do with the media." In the past Chinese authorities have been known to penalize Chinese nationals who have passed information to foreign reporters. “It's part of this overall story that the Chinese want to know what the West thinks of them," Richard Bejtlich, chief security officer with Mandiant Corp., the computer-security company hired by the New York Times to investigate its breach.
Is there cause for real concern or was an article in Beijing’s the People's Daily under the correct assumption when it reported, "America keeps labeling China as hackers, simply playing up the rhetoric of the 'China threat' in cyberspace, providing new justification for America's strategy of containing China." The U.S. Federal Bureau of Investigation seems to think there’s a matter for concern. It has been probing media hacking incidents they consider a national-security matter for more than a year now. They’re not the only ones worried. "China continues to develop its capabilities in the cyber arena," the US China Economic and Security Review Commission said in a report to Congress delivered in November 2012. "U.S. industry and a range of government and military targets face repeated exploitation attempts by Chinese hackers as do international organizations and nongovernmental groups including Chinese dissident groups, activists, religious organizations, rights groups, and media institutions."
In response, the US department of defense’s Cyber Command has approved a five-fold expansion of its cyber-security force over the coming years. The current staff of about 900 will expand to about 4900 troops and civilians in a bid to increase its ability to defend critical computer networks.
Image created by BlackChip Solutions.