The Winds of Cyberwar

Credit: National Archives

This week major technology issues shut down many important American things, from United Airlines to the New York Stock Exchange, a scenario that isn’t without a Hollywood precedent.

When considering how this week hackers allegedly affiliated with the Chinese government stole the Social Security numbers of some 20 million Americans, we can’t help but wonder: Is this what cyberwar with China feels like? With that calming thought, here are some background pieces you may want to read. Maybe even print out. Just in case.

“Intelligence Gap: How a Chinese National Gained Access to Arizona’s Terror Center” (ProPublica/Center for Investigative Reporting)

How the Phoenix intelligence center found itself vulnerable to a serious security breach, however, was neither much of a technological feat nor, it seems, the result of masterful espionage. Indeed, an investigation by The Center for Investigative Reporting and ProPublica—built on more than 50 interviews and the examination of thousands of pages of federal investigative reports, criminal and civil court filings, internal correspondence and immigration records—shows the episode at the intelligence center came off rather easily.

“Chinese Army Unit Is Seen as Tied to Hacking Against U.S.” (New York Times)

Unit 61398 — formally, the 2nd Bureau of the People’s Liberation Army’s General Staff Department’s 3rd Department — exists almost nowhere in official Chinese military descriptions. Yet intelligence analysts who have studied the group say it is the central element of Chinese computer espionage. The unit was described in 2011 as the “premier entity targeting the United States and Canada, most likely focusing on political, economic, and military-related intelligence” by the Project 2049 Institute, a nongovernmental organization in Virginia that studies security and policy issues in Asia.

“Ex-NSA Director: China Has Hacked ‘Every Major Corporation’ in U.S.”

The U.S. government has said it has caught Chinese spies stealing blueprints and business plans. Last year, federal prosecutors took the unprecedented step of filing formal criminal charges against five Chinese government spies for breaking into Alcoa, U.S. Steel Corp., Westinghouse and others.

But McConnell’s assertion is different. It would mean that no large company can escape the massive theft of American entrepreneurial ideas.

In his speech, McConnell also said that during the final years of the Bush administration, the Chinese government employed a jaw-dropping 100,000 hackers dedicated solely to breaking into computers. By comparison, he said the United States had that many spies—total.

“Enter the Cyber-Dragon” (Vanity Fair)

Because the People’s Republic of China is such a massive entity, it is impossible to know how much Chinese hacking is done on explicit orders from the government. In some cases, the evidence suggests that government and military groups are executing the attacks themselves. In others, Chinese authorities are merely turning a blind eye to illegal activities that are good for China’s economy and bad for America’s. Last year Google became the first major company to blow the whistle on Chinese hacking when it admitted to a penetration known as Operation Aurora, which also hit Intel, Morgan Stanley, and several dozen other corporations. (The attack was given that name because the word “aurora” appears in the malware that victims downloaded.) Earlier this year, details concerning the most sweeping intrusion since Operation Aurora were discovered by the cyber-security firm McAfee. Dubbed “Operation Shady RAT,” the attacks (of which more later) are being reported here for the first time. Most companies have preferred not to talk about or even acknowledge violations of their computer systems, for fear of panicking shareholders and exposing themselves to lawsuits—or for fear of offending the Chinese and jeopardizing their share of that country’s exploding markets. The U.S. government, for its part, has been fecklessly circumspect in calling out the Chinese.