Chinese Cyber Warfare: Has the US Found a Smoking Gun?
Like most such issues, it all depends upon whom you ask.
A report out last year from cyber security firm Symantec (NASDAQ:SYMC) revealed that 29 chemical companies and “another 19 in various other sectors, primarily the defense sector” were the victims of a two-and-a-half-month cyber espionage campaign.
According to Technical Director for Security Response Eric Chien and Security Response Manager Gavin O’Gorman, the attacks were traced to a US-based computer network, owned and controlled by a “20-something male located in the Hebei region in China.”
From Chien and O’Gorman [PDF]:
The goal of the attackers appears to be to collect intellectual property such as design documents, formulas, and manufacturing processes. In addition, the same attackers appear to have a lengthy operation history including attacks on other industries and organizations. Attacks on the chemical industry are merely their latest attack wave.
The attackers have changed their targets over time. From late April to early May, the attackers focused on human rights related NGOs. They then moved on to the motor industry in late May. From June until mid-July no activity was detected. At this point, the current attack campaign against the chemical industry began. This particular attack has lasted much longer than previous attacks, spanning two and a half months.
While Symantec did not identify the companies targeted, Reuters contacted a DuPont (NYSE:DD) spokesman, who said simply, "We don't comment on cyber security issues." However, Dow Chemical (NYSE:DOW) confirmed to the BBC that “it had been the target of ‘unusual emails’ received during the summer."
Employees at the targeted companies typically received bogus emails warning of security issues in Adobe (NASDAQ:ADBE) Reader, along with an attached file containing a “fix.” After clicking on one of the two attachments, control of the user’s computer would then be turned over to the intruders through the use of a virus known as “Poison Ivy.”
"This is unfortunately becoming a new normal behavior,” Greg Day, Symantec's chief technology officer, told the BBC.
This “new normal” has, by one estimate, 50,000 individual cyber espionage attacks occurring every 24 hours. The solution, if there is one, may lie in shifting the approach companies take in fighting it, Kolthoff explained to me after the Symantec report was released.
“Organizations have invested a lot of capital in proactive measures,” he said. “But I believe the key is in being reactive.”
“When I was working for the government, I never got to the office and said, ‘Hmm, I wonder if foreign intelligence agencies are collecting against us,” Kolthoff told me. “Of course they were. So, my thinking was always, ‘I hope we get a report in today that will help us identify who is behind this.’”
“Most companies -- and countries -- are too willing to turn a blind eye to this and just not acknowledge it; it’s too politically fraught,” Kolthoff continued. “But civilian entities are finally waking up to the fact that businesses don’t play nice. Whether that’s an insider that didn’t receive the promotion or bonus they wanted, or a competitor overseas, there are no rules of engagement.”
A Delicate Balance
When national security, online privacy, and China come together, the possibility of an outsized response is a very real one. For Collin Anderson, the context in which this matters revolves around one thing: freedom of expression.
“These same security mechanisms and policies can interfere with anonymous communications and be used for malicious purposes -- a valid fear, a common fear," Anderson says. "But the Commission is talking about infrastructure and economic interests, and when you start framing the conversation like that, it often runs contrary to freedom of expression issues, which butts up against people like me.”
The final version of the US-China Economic and Security Review Commission's 2012 Report to Congress will be released on Wednesday, November 14.
Follow Justin Rohrlich on Twitter: @chickenalaking
Copyright 2011 Minyanville Media, Inc. All Rights Reserved.