US, China engage in cyber warfare

US, China engage in cyber warfare

US, China engage in cyber warfare

AP photo

The United States and China are continuing to trade charges over cyber attacks, after a security firm alleged that Beijing was in control of hackers who had penetrated the U.S. government, companies and media.

The U.S. firm, Mandiant, said cyber attacks had been traced back to a non-descript, 12-story building on the outskirts of Shanghai, where China’s army was believed to be in charge of hundreds if not thousands of hackers. Security outside the building in Shanghai’s northern suburb of Gaoqiao was tightened after it became the object of media attention.

In a 74-page report, the firm said that the hacking group “APT1,” from the initials “Advanced Persistent Threat” and known also as “Comment Crew” for its practice of planting viruses on the comment sections of websites, was believed to be a branch of what is known as Unit 61398 of the People’s Liberation Army.

“We believe that APT1 is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support,” Mandiant said.

Unit 61398 is located in Shanghai’s Pudong district, China’s financial and banking hub, and is staffed by perhaps thousands of people proficient in English as well as computer programming and network operations, Mandiant said in its report. The unit had stolen “hundreds of terabytes of data from at least 141 organizations across a diverse set of industries beginning as early as 2006”, it said. Most of the victims were located in the United States, with smaller numbers in Canada and Britain. The information stolen ranged from details on mergers and acquisitions to the emails of senior employees, the company said.

“We are in a cyber war but most Americans don’t know it,” chairman of the House Intelligence Committee and Republican Congressman Mike Rogers said during last week’s unveiling Cyber Intelligence Sharing and Protection Act (CISPA). CISPA is a proposed law in the U.S. which would allow for the sharing of Internet traffic information between the U.S. government and certain technology and manufacturing companies.

“Every morning in China, thousands of highly-trained computer engineers wake up with one mission: Steal American intellectual property that the Chinese can in turn use to compete against us in the international market,” Rogers wrote in a piece for The Detroit News recently.

White House spokesman Jay Carney said U.S. officials “regularly raise this issue with Chinese officials, including officials in the military,” while State Department spokeswoman Victoria Nuland said cyber theft was a “serious concern” that comes up “in virtually every meeting we have with Chinese officials” including “at the highest levels.”

“We consider this kind of activity a threat not only to our national security but also to our economic interests and we are laying out our concerns specifically so that we can see if there’s a path forward,” she said.

China’s Defense Ministry rebuffed the report yesterday, saying there was no internationally agreed definition of hacking.

Defense Ministry spokesman Geng Yansheng said in a statement that Mandiant’s claims had “no factual basis” and insisted there was no consensus on what qualified as hacking.

“There has been no clear internationally agreed definition for ‘cyber attacks,’” he said, adding that the report “subjectively deduced” that online activities amounted to cyber spying.

He reiterated previous arguments by Beijing officials that attacks traced to Chinese IP addresses did not necessarily originate in the country. “Cyber attacks are by nature transnational, anonymous and deceptive, and the origin of attacks is highly uncertain,” he said. “It’s widely known that using stolen IP addresses to carry out hacking attacks is happening practically every day.”

Concerns have been rising in the United States as prominent companies and media outlets report cyber attacks. Apple was the latest to report a hacking attempt on Feb. 19, although it said no data was stolen. The New York Times said hackers stole its corporate passwords and accessed the personal computers of 53 employees after the newspaper published a report on the family fortune of China’s Premier Wen Jiabao. The New York Times said the researchers had found that the Comment Crew was increasingly focused on companies involved in U.S. infrastructure, including in its electrical power grid, gas lines and water works. One target, the newspaper reported, was a company with remote access to more than 60 percent of oil and gas pipelines in North America.

In his State of the Union address last week, U.S. President Barack Obama said the potential ability of outsiders to sabotage the nation’s critical infrastructure was a major concern.