prototype
SENIOR MEMBER
- Joined
- Mar 2, 2010
- Messages
- 2,672
- Reaction score
- 0
In Cyberspy vs. Cyberspy, China leads
America and China have grown more economically and financially intertwined, as such the 2 Nations have also stepped up spying on each other.
Today, most spying is done electronically, with computers rather than listening devices in chandeliers or human moles at cocktail parties, and of right now many experts believe China has gained the upper hand.
Though it is difficult to know the extent of Americas capabilities and activities in this area, a series of secret diplomatic cables as well as interviews with experts suggest that when it comes to cyber-espionage, China has leaped ahead of the USA.
According to US investigators, China has stolen terabytes of sensitive data, from usernames and passwords for State Department computers to designs for multi-billion dollar weapons systems.
And Chinese hackers show no signs of slowing down. The attacks coming out of China are not only continuing, they are accelerating, says Alan Paller, Director of Research at information-security training group SANS Institute in Washington, DC.
Secret US State Department cables, obtained by WikiLeaks and made available to the media by a 3rd party, trace systems breaches, colorfully code-named Byzantine Hades by US investigators, to the Chinese military. An April 2009 cable pinpoints the attacks to a specific Unit of Chinas Peoples Liberation Army (PLA).
Privately, US officials suspect that the Chinese government, and in particular the Military is behind the cyber-attacks. What was never disclosed publicly, until recently, was the evidence.
US efforts to halt Byzantine Hades Hacks are ongoing, according to sources familiar with investigations. In the April 2009 cable, officials in the State Departments Cyber Threat Analysis Division noted that several Chinese-registered Web sites were involved in Byzantine Hades intrusion activity in Y 2006.
The sites were registered in the city of Chengdu, the capital of Sichuan Province in central China, according to the cable.
A person named Chen Xingpeng set up the sites using the precise postal code in Chengdu used by the Peoples Liberation Army Chengdu Province
First Technical Reconnaissance Bureau (TRB), an electronic espionage unit of the Chinese military. Much of the intrusion activity traced to Chengdu is similar in tactics, techniques and procedures to, Byzantine Hades, activity attributed to other electronic spying units of the Peoples Liberation Army, the cable says.
Reconnaissance bureaus are part of the Peoples Liberation Armys Third Department, which oversees Chinas electronic eavesdropping, according to an October 2009 report by the US.-China Economic and Security Commission, a panel created by Congress to monitor potential national security issues related to US-China relations.
Staffed with linguists and technicians, the Third Department monitors communications systems in China and abroad. At least 6 Technical Reconnaissance Bureaus, including the Chengdu Unit, are likely focused on defense or exploitation of foreign networks, the commission report states.
The precise relationship with the Chinese Army of suspected Hacker Chen Xingpeng has not been determined. A spokesman for the Chinese Embassy in Washington did not respond to multiple requests for comment. The US State Department also declined to comment.
But the leaked cables and other US government reports point out how Chinese and other State-sponsored and private Hackers have overwhelmed US government computer networks.
In the last 5 yrs, cyber-intrusions reported to the US Computer Emergency Response Team, a Unit of the Department of Homeland Security, have increased more than 650%, from 5,503 incidents in F-Y 2006 to 41,776 4 yrs later, according to a March 16 report by the Government Accountability Office.
The official figures do not account for intrusions into commercial computer networks, which are part of an expanding cyber-espionage campaign attributed to China, according to current and former US national security officials and computer-security experts.
In the last 2 yrs, dozens of US companies in the Technology, Oil-Gas and Financial sectors have disclosed that their computer systems have been infiltrated.
In January 2010, Internet search giant Google announced it was the target of a sophisticated cyber-attack using malicious code dubbed Aurora, which compromised the accounts of human rights activists and succeeded in accessing Google source code repositories. The Company blamed the attack on the Chinese government.
The Google attack was certainly an escalation of Chinese network operations against the US, says Joel Brenner, former Counterintelligence Chief for the Office of the Director of National Intelligence. Thousands of US companies were targeted in the Aurora attacks, Brenner says, far more than the estimated 34 companies publicly identified as targets to date, a scale which Brenner says demonstrates Chinas heavy-handed use of state espionage against economic targets.
Many firms whose business revolves around intellectual property, tech firms, defense group companies, even Formula One teams, complain that their systems are now under constant attack to extract proprietary information.
Some security officials say firms doing business directly with Chinese state-linked companies, or which enter fields in which they compete directly, found themselves subject to a Wall of Hacking attempts almost immediately.
The full scope of commercial computer intrusions is unknown. A study released by computer-security firm McAfee and government consulting company SAIC on March 28 shows that more than 50% of some 1,000 companies in the United States, Britain and other countries decided not to investigate a computer-security breach because of the cost.
One in 10 companies will only report a security breach when legally obliged to do so, according to the study.
Simply put, corporations cannot afford negative publicity about computer security breaches, says Tom Kellermann, Vice President of security awareness at Core Security Technologies and a contributor to the study.
http://http://www.livetradingnews.com/usa-china-and-cyberspys-39769.htm
America and China have grown more economically and financially intertwined, as such the 2 Nations have also stepped up spying on each other.
Today, most spying is done electronically, with computers rather than listening devices in chandeliers or human moles at cocktail parties, and of right now many experts believe China has gained the upper hand.
Though it is difficult to know the extent of Americas capabilities and activities in this area, a series of secret diplomatic cables as well as interviews with experts suggest that when it comes to cyber-espionage, China has leaped ahead of the USA.
According to US investigators, China has stolen terabytes of sensitive data, from usernames and passwords for State Department computers to designs for multi-billion dollar weapons systems.
And Chinese hackers show no signs of slowing down. The attacks coming out of China are not only continuing, they are accelerating, says Alan Paller, Director of Research at information-security training group SANS Institute in Washington, DC.
Secret US State Department cables, obtained by WikiLeaks and made available to the media by a 3rd party, trace systems breaches, colorfully code-named Byzantine Hades by US investigators, to the Chinese military. An April 2009 cable pinpoints the attacks to a specific Unit of Chinas Peoples Liberation Army (PLA).
Privately, US officials suspect that the Chinese government, and in particular the Military is behind the cyber-attacks. What was never disclosed publicly, until recently, was the evidence.
US efforts to halt Byzantine Hades Hacks are ongoing, according to sources familiar with investigations. In the April 2009 cable, officials in the State Departments Cyber Threat Analysis Division noted that several Chinese-registered Web sites were involved in Byzantine Hades intrusion activity in Y 2006.
The sites were registered in the city of Chengdu, the capital of Sichuan Province in central China, according to the cable.
A person named Chen Xingpeng set up the sites using the precise postal code in Chengdu used by the Peoples Liberation Army Chengdu Province
First Technical Reconnaissance Bureau (TRB), an electronic espionage unit of the Chinese military. Much of the intrusion activity traced to Chengdu is similar in tactics, techniques and procedures to, Byzantine Hades, activity attributed to other electronic spying units of the Peoples Liberation Army, the cable says.
Reconnaissance bureaus are part of the Peoples Liberation Armys Third Department, which oversees Chinas electronic eavesdropping, according to an October 2009 report by the US.-China Economic and Security Commission, a panel created by Congress to monitor potential national security issues related to US-China relations.
Staffed with linguists and technicians, the Third Department monitors communications systems in China and abroad. At least 6 Technical Reconnaissance Bureaus, including the Chengdu Unit, are likely focused on defense or exploitation of foreign networks, the commission report states.
The precise relationship with the Chinese Army of suspected Hacker Chen Xingpeng has not been determined. A spokesman for the Chinese Embassy in Washington did not respond to multiple requests for comment. The US State Department also declined to comment.
But the leaked cables and other US government reports point out how Chinese and other State-sponsored and private Hackers have overwhelmed US government computer networks.
In the last 5 yrs, cyber-intrusions reported to the US Computer Emergency Response Team, a Unit of the Department of Homeland Security, have increased more than 650%, from 5,503 incidents in F-Y 2006 to 41,776 4 yrs later, according to a March 16 report by the Government Accountability Office.
The official figures do not account for intrusions into commercial computer networks, which are part of an expanding cyber-espionage campaign attributed to China, according to current and former US national security officials and computer-security experts.
In the last 2 yrs, dozens of US companies in the Technology, Oil-Gas and Financial sectors have disclosed that their computer systems have been infiltrated.
In January 2010, Internet search giant Google announced it was the target of a sophisticated cyber-attack using malicious code dubbed Aurora, which compromised the accounts of human rights activists and succeeded in accessing Google source code repositories. The Company blamed the attack on the Chinese government.
The Google attack was certainly an escalation of Chinese network operations against the US, says Joel Brenner, former Counterintelligence Chief for the Office of the Director of National Intelligence. Thousands of US companies were targeted in the Aurora attacks, Brenner says, far more than the estimated 34 companies publicly identified as targets to date, a scale which Brenner says demonstrates Chinas heavy-handed use of state espionage against economic targets.
Many firms whose business revolves around intellectual property, tech firms, defense group companies, even Formula One teams, complain that their systems are now under constant attack to extract proprietary information.
Some security officials say firms doing business directly with Chinese state-linked companies, or which enter fields in which they compete directly, found themselves subject to a Wall of Hacking attempts almost immediately.
The full scope of commercial computer intrusions is unknown. A study released by computer-security firm McAfee and government consulting company SAIC on March 28 shows that more than 50% of some 1,000 companies in the United States, Britain and other countries decided not to investigate a computer-security breach because of the cost.
One in 10 companies will only report a security breach when legally obliged to do so, according to the study.
Simply put, corporations cannot afford negative publicity about computer security breaches, says Tom Kellermann, Vice President of security awareness at Core Security Technologies and a contributor to the study.
http://http://www.livetradingnews.com/usa-china-and-cyberspys-39769.htm
