U.S. ready to strike back against China cyberattacks
WASHINGTON (AP) - Evidence of an unrelenting campaign of cyberstealing linked to the Chinese government is prompting the Obama administration to develop more aggressive responses to the theft of U.S. government data and corporate trade secrets.
The Obama administration is expected to announce new measures Wednesday, including possible fines and other trade actions against China or any other country guilty of cyber-espionage. Officials familiar with the administration's plans spoke on condition of anonymity because they were not authorized to speak publicly about the threatened action.
The Chinese government denies being involved in the cyberattacks cited in a cybersecurity firm's analysis of breaches that compromised more than 140 companies. On Wednesday, China's Defense Ministry called the report deeply flawed.
Mandiant, a Virginia-based cybersecurity firm, released a torrent of details Monday that tied a secret Chinese military unit in Shanghai to years of cyberattacks against U.S. companies. Mandiant concluded that the breaches can be linked to the People's Liberation Army's Unit 61398.
Military experts believe the unit is part of the People's Liberation Army's cybercommand, which is under the direct authority of the General Staff Department, China's version of the Joint Chiefs of Staff. As such, its activities would be likely to be authorized at the highest levels of China's military.
The release of the Mandiant report, complete with details on three of the alleged hackers and photographs of one of the military unit's buildings in Shanghai, makes public what U.S. authorities have said less publicly for years. But it also increases the pressure on the U.S. to take more forceful action against the Chinese for what experts say has been years of systematic espionage.
"If the Chinese government flew planes into our airspace, our planes would escort them away. If it happened two, three or four times, the president would be on the phone and there would be threats of retaliation," said Shawn Henry, former FBI executive assistant director. "This is happening thousands of times a day. There needs to be some definition of where the red line is and what the repercussions would be."
Henry, the president of the security firm CrowdStrike, said that rather than tell companies to increase their cybersecurity, the government needs to focus more on how to deter the hackers and the nations that are backing them.
James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said that in the past year the White House has been taking a serious look at responding to China. "This will be the year they will put more pressure on, even while realizing it will be hard for the Chinese to change. There's not an on-off switch," Lewis said.
In denying involvement in the cyberattacks tracked by Mandiant, China's Foreign Ministry said China too has been a victim of hacking, some of it traced to the U.S. Foreign Ministry spokesman Hong Lei cited a report by an agency under the Ministry of Information Technology and Industry that said that in 2012 alone foreign hackers used viruses and other malicious software to seize control of 1,400 computers in China and 38,000 websites.
"Among the above attacks, those from the U.S. numbered the most," Hong said at a daily media briefing, lodging the most specific allegations the Chinese government has made about foreign hacking.
Cybersecurity experts say U.S. authorities do not conduct similar attacks or steal data from Chinese companies but acknowledge that intelligence agencies routinely spy on other countries.
China is clearly a target of interest, said Lewis, noting that the U.S. would be interested in Beijing's military policies, such as any plans for action against Taiwan or Japan.
In its report, Mandiant said it traced the hacking back to a neighborhood in the outskirts of Shanghai that includes a white 12-story office building run by the army's Unit 61398.
Mandiant said there are only two viable conclusions about the involvement of the Chinese military in the cyberattacks: Either Unit 61398 is responsible for the persistent attacks, or they are being done by a secret organization of Chinese speakers, with direct access to the Shanghai telecommunications infrastructure, who are engaged in a multi-year espionage campaign being run right outside the military unit's gates.
"In a state that rigorously monitors Internet use, it is highly unlikely that the Chinese government is unaware of an attack group that operates from the Pudong New Area of Shanghai," the Mandiant report said, concluding that the only way the group could function is with the "full knowledge and cooperation" of the Beijing government.
The unit "has systematically stolen hundreds of terabytes of data from at least 141 organizations," Mandiant wrote. A terabyte is 1,000 gigabytes. The most popular version of the new iPhone 5, for example, has 16 gigabytes of space, while the more expensive iPads have as much as 64 gigabytes of space. The U.S. Library of Congress' 2006-10 Twitter archive of about 170 billion tweets totals 133.2 terabytes.
The Obama administration is expected to announce new measures Wednesday, including possible fines and other trade actions against China or any other country guilty of cyber-espionage. Officials familiar with the administration's plans spoke on condition of anonymity because they were not authorized to speak publicly about the threatened action.
The Chinese government denies being involved in the cyberattacks cited in a cybersecurity firm's analysis of breaches that compromised more than 140 companies. On Wednesday, China's Defense Ministry called the report deeply flawed.
Mandiant, a Virginia-based cybersecurity firm, released a torrent of details Monday that tied a secret Chinese military unit in Shanghai to years of cyberattacks against U.S. companies. Mandiant concluded that the breaches can be linked to the People's Liberation Army's Unit 61398.
Military experts believe the unit is part of the People's Liberation Army's cybercommand, which is under the direct authority of the General Staff Department, China's version of the Joint Chiefs of Staff. As such, its activities would be likely to be authorized at the highest levels of China's military.
The release of the Mandiant report, complete with details on three of the alleged hackers and photographs of one of the military unit's buildings in Shanghai, makes public what U.S. authorities have said less publicly for years. But it also increases the pressure on the U.S. to take more forceful action against the Chinese for what experts say has been years of systematic espionage.
"If the Chinese government flew planes into our airspace, our planes would escort them away. If it happened two, three or four times, the president would be on the phone and there would be threats of retaliation," said Shawn Henry, former FBI executive assistant director. "This is happening thousands of times a day. There needs to be some definition of where the red line is and what the repercussions would be."
Henry, the president of the security firm CrowdStrike, said that rather than tell companies to increase their cybersecurity, the government needs to focus more on how to deter the hackers and the nations that are backing them.
James Lewis, a cybersecurity expert at the Center for Strategic and International Studies, said that in the past year the White House has been taking a serious look at responding to China. "This will be the year they will put more pressure on, even while realizing it will be hard for the Chinese to change. There's not an on-off switch," Lewis said.
In denying involvement in the cyberattacks tracked by Mandiant, China's Foreign Ministry said China too has been a victim of hacking, some of it traced to the U.S. Foreign Ministry spokesman Hong Lei cited a report by an agency under the Ministry of Information Technology and Industry that said that in 2012 alone foreign hackers used viruses and other malicious software to seize control of 1,400 computers in China and 38,000 websites.
"Among the above attacks, those from the U.S. numbered the most," Hong said at a daily media briefing, lodging the most specific allegations the Chinese government has made about foreign hacking.
Cybersecurity experts say U.S. authorities do not conduct similar attacks or steal data from Chinese companies but acknowledge that intelligence agencies routinely spy on other countries.
China is clearly a target of interest, said Lewis, noting that the U.S. would be interested in Beijing's military policies, such as any plans for action against Taiwan or Japan.
In its report, Mandiant said it traced the hacking back to a neighborhood in the outskirts of Shanghai that includes a white 12-story office building run by the army's Unit 61398.
Mandiant said there are only two viable conclusions about the involvement of the Chinese military in the cyberattacks: Either Unit 61398 is responsible for the persistent attacks, or they are being done by a secret organization of Chinese speakers, with direct access to the Shanghai telecommunications infrastructure, who are engaged in a multi-year espionage campaign being run right outside the military unit's gates.
"In a state that rigorously monitors Internet use, it is highly unlikely that the Chinese government is unaware of an attack group that operates from the Pudong New Area of Shanghai," the Mandiant report said, concluding that the only way the group could function is with the "full knowledge and cooperation" of the Beijing government.
The unit "has systematically stolen hundreds of terabytes of data from at least 141 organizations," Mandiant wrote. A terabyte is 1,000 gigabytes. The most popular version of the new iPhone 5, for example, has 16 gigabytes of space, while the more expensive iPads have as much as 64 gigabytes of space. The U.S. Library of Congress' 2006-10 Twitter archive of about 170 billion tweets totals 133.2 terabytes.
Oh sure we are. What are we going to do, whip them with some Chinese noodles??? This country has the reputation of being slack on any kind of retaliation when another country does something. China has been doing this for years and only now is there talk of doing something. I suppose it will take another 20 years before we do anything other than blow wind at them. What we need is to slap some economic sanctions on them first, next embargo some Chinese goods from being sold here. If they don't back down keep increasing the pressure on them till the keep their noses at home.
This just in from AP Wire-- Kevin Mitnick and Clifford Stoll to jointly head up the new Department of Cyber Retaliatiion.
@mantis Great, just what we need another new department. Oh well the chinese are paying for it.Â
The biggest threat we probably face is our power grid. It is so exposed, so outdated, and so patched together.
Einstein had said he didn't know how World War III would be fought, but that World War IV would be fought with sticks and stones.
Maybe we won't destroy ourselves after all. Instead we'll throw ourselves back a couple of hundred of years as our technology dependent universe is rendered useless in a broad cyberwar.
Imagine waking up one morning and you have no power, no phone, telecommunications (TV, radio, internet) is down. No way to find out beyond battery operated devices via shortwave radio and outside US communications to learn what is going on. Toss in a couple of strategic high yield high altitude air burst nuclear explosions to knock out even shortwave communication due to EMP...becomes a scary concept. Any nation in that situation would be brought to its knees in 24 hours. No communication, no command and control, and a panicked society at each others throats. You could then literally walk in, deal with a disjointed response and take over with most of the citizens still alive and infrastructure still intact.
Time to call in Al Gore!
Paging Anonymous.... Â Would be pretty awesome to see Anon take on China and cripple them as they do with some companies here. Â Heck, cut the guys/gals a check and call it a day.
 ""Among the above attacks, those from the U.S. numbered the most," Hong said at a daily media briefing, lodging the most specific allegations the Chinese government has made about foreign hacking."
Here's the thing Hong - yes, the US government hacks you. As stated on the next line, in fact:
"Cybersecurity experts say U.S. authorities do not conduct similar attacks or steal data from Chinese companies but acknowledge that intelligence agencies routinely spy on other countries."
But right there's the difference - the US government doesn't (or at least, isn't supposed to) attack private computers, private companies, or private corporations. We engage in state-on-state espionage - and there's no point skirting around that fact - but so does everyone else! Arguing constantly about state-on-state espionage is good for political posturing, but doesn't have much merit. Yet, we (at least, The People) aren't complaining so much about that state-on-state stuff, we're complaining about you attacking US. Not the "US" as in the U.S., but us - The People. Anyone who has been using the internet for any decent length of time knows about the endless attack upon our companies, our websites, our financial systems, our email, ect... - and it's not just against Americans either, it's against the entire world. A lot of it is from citizen hackers, but unlike US-based hackers were almost every hack the People face comes from citizen hackers, a huge number of the attacks that come from your country is instigated by YOU - as in, the state hackers - and even more are suspected to be from you. That's what this report was all about - a report that was, by the way, created by a private company, not the state.
If you want to engage in the state-to-state espionage, then fine, go ahead. I'll let the politicians deal with you on that. But you leave me, and the rest of The People, alone.
This dose not have much to do with the story but the average American owns a computer and dose not know that most of the software used for that computers security is made in eastern countries. It just amazes me that the countries that we most likely do not want in our computers is willingly loaded.
@Cindertang You got doses because I'm always looking for doses.Â
Cyberwar... the method of fighting wars in the 21st century. If you really wanna strike back, just close down the Wal-Mart stores. They'll really feel the pinch! ;)
@Zoso But Wal-Mart is a Christian company?
@IslandAtheist @Zoso Derp!
Just bomb them. I don't shop at Wal-Mart anyway.
^ This is a joke.Â
Is anyone really surprised? A lot of us that make a living designing (and trying to manufacture) products here in the US have understood what China has been up to for decades. For the most part part the political response has been zero. What choice is there? We are addicted to their cheap stuff. We have sold out and didn't get much in return. I'm pretty much convinced that we no longer have the resolve or strength of leadership to survive. I wish it were different, but given the history, I don't expect that the US will be a great nation much longer.
It's so much cheaper to get Chinese to hack vs. USA. Â You can probably get 24 Chinese hackers for the cost of 1 USA hacker. Â
@AdAckbar LOL! They work in assembly line hacking centers and live in dorms. There are nets outside so when they try to kill themselves they can't. They are better educated, work for less, and don't demand vacation pay.
We have plenty of tech savvy individuals in the USA; some may have little to do. We should employ them to completely disable the technology in Nations that do this to us....Â
@The Truth And then we can whine about budget deficits, government employee bloat, and wasteful programs.
Not directed at you - but I've reached a point that whenever someone calls out an idea, especially what appears to me is a good idea (defend the country, put skilled white collar workers back to work as tax paying citizens, increase their skills) I know that someone is going to whine, BUT IT COSTS MONEY!Â
Tell North Korea that China has been telling "Yo leader (instead of yo mama)" jokes about them.  That would be a fun scuttlebutt to sit back and watch.
@The WA MamaYo leader so fat, I had to take a train and two buses just to get on his good side.
@Rockberry @The WA Mama Yo leader so ugly, we could put his face in dough, and make gorilla cookies.
How about if we put a ban on importing their cr@p? We could also stop selling them our Alaskan oil.
@Magic 8 Ball Hope you don't need light bulbs.
They can keep their gyrating hardware store musical Santa Clauses and christmas tree lights, etc. etc......
So since China owns all of our debt when are we going to have a big eviction notice sent to our shores...
@NorthriverÂ
So if by "all", you meant 8-10%, yes, you'd be correct.
Let's not ignore the fact that US companies are sourcing to China at a ridiculous rate. Where sensitive products are imported to the US with rootkits and malware configured on these solutions. Beyond me why this is even tolerated. Cyber is only one way the Chinese Gov't is obtaining data and trade secrets. Scary stuff folks.... believe me.
lets get those midgets!!!!
@futhi151 who owns about 1.2 trillion $ of our debt
Another sign that the American empire is falling. We have been spying and we have been the best at it ever since our country was formed. From intercepting military runners, listening in on the Morse code networks, cracking crypto codes, listening to telephone networks and using the internet to spy America has always been the best. Now that we are no longer the expert our leaders have to come out and cry foul. Our government does not have the money to hire the experts anymore or to keep up with the latest trends or to even pay our military what they are worth. Our government is the largest employer of US citizens but it fails to protect its own networks because they are out of money. Are we going to allow the US to fail before we wake up to the mess we are in?Â
@Beam_Me_UpÂ
We have been spying and we have been the best at it ever since our country was formed. Â
Ya. We sure knew where Saddam's weapons of mass destruction were.
We sure got the Bay of Pigs right.
Our intel sure got the word in Somalia about how the enemy plans and communicate leading up and during the "Blackhawk Down" incident.
Kind of dropped the ball on that whole Iraq invading Kuwait thing.
Our intelligence agencies completely botched and in some cases flat out lied about Soviet weapon capability extending the Cold War unnecessarily and sinking hundreds of billions of dollars into weapons systems we didn't need.
Los Alamos and other nuclear weapons facilities were filled with Soviet spies right under our noses history has proven out - at the same time MacArthy was roasting Hollywood actors, actresses, producers, and professors for being, "Communists."
Then there was this whole 9/11 thing, that history has shown a 12 year old could have figured out if it weren't for all the different agencies competing against each other and not sharing information.
Oh, and then there was that whole sneak attack at Pearl Harbor. We had already broken the Japanese codes and were reading the intercepts before the Japanese embassy staff could translate them. Crying shame that President Roosvelt was not on the approved list for receiving briefings on the intercepts, nor was the Army Air Corps!!!
If I want quality spies - I'm going to the UK or Israel (and no I don't pick the UK because of James Bond). If anything, I would say Israel has the best damn spy network in the world.
China would steal our coal if they could, but they can't, so let's help them by shipping it to them and then they can buy it with our own money (debt) and we can look for other sources of energy for future generations here at home.
@codetalker That or something similar is our ace in the hole. China is going to need something one day and they will ask us for help to which our reply would be " Oh sorry kind sir being as we owe quite a bit in loans I don't foresee being able to help you at this time.....unless." And then as a prize we can ship all of the politicians to China!