Handful of Chinese Hackers Responsible for Majority of Attacks

Monday, December 12, 2011

Headlines

69dafe8b58066478aea48f3d0f384820

The Associated Press reports that analysis shows that the majority of attacks and intrusions emanating from China are conducted by as few as a dozen hacker groups, many in coordination with or under the direction of the Chinese government.

The report states that many of the attacks carry tell-tale signatures of particular hacking groups being tracked by intelligence and cybersecurity teams in the U.S., contrary to many expert opinions which indicate that accurate attribution is nearly impossible if the attackers are savvy enough.

Nonetheless, the United States Office of the Counterintelligence Executive (ONCIX) recently released a report documenting the billions of dollars in intellectual property and classified information being lost every year to cyber espionage.

The report, titled Foreign Spies Stealing U.S. Economic Secrets in Cyberspace, boldly suggested that state-sponsored entities in both China and Russia, among other offenders, are systematically targeting U.S. government and private sector networks in an effort to pilfer information that has tremendous economic value.

The nearly constant onslaught of unauthorized access events is exasperated by the lack of reprisal attackers face even if they are accurately identified.

James Cartwright, a former vice chairman of the Joint Chiefs of Staff who advocates for increasing measures to hold China and other nation-states responsible for intrusion operations, said that "industry is already feeling that they are at war."

"Right now we have the worst of worlds. If you want to attack me you can do it all you want, because I can't do anything about it. It's risk free, and you're willing to take almost any risk to come after me," said Cartwright.

Cartwright believes the U.S. should be aggressive in their response to attacks that originate overseas, in essence establishing that "if you come after me [the U.S.], I'm going to find you, I'm going to do something about it. It will be proportional, but I'm going to do something... and if you're hiding in a third country, I'm going to tell that country you're there, if they don't stop you from doing it, I'm going to come and get you."

Jon Ramsey, who heads Dell's counter threat unit, agrees that the government needs to increase the level of perceived risk for those conducting cyber espionage and attacks against U.S. owned and operated systems.

"In the private sector we're always on defense. We can't do something about it, but someone has to. There is no deterrent not to attack the U.S.," Ramsey said.

Earlier this month while speaking at a security forum in London, General Martin Dempsey, Chairman of the Joint Chiefs of Staff, warned that the constant barrage of cyber attacks against critical systems will require a unified effort by government and the private sector to improve security.

Dempsey reiterated what many experts have been saying for years - that cyber-based espionage operations are a major threat to proprietary information and ultimately the economy as a whole.

"We lose enormous intellectual property rights. We're under constant attack every day. And it's going to take a whole government approach," Dempsey said

Dempsey's sentiments are bolstered by a recently released report form the United States Office of the Counterintelligence Executive (ONCIX) that documents the billions of dollars in intellectual property and classified information being lost every year to cyber espionage.

The report, titled Foreign Spies Stealing U.S. Economic Secrets in Cyberspace, boldly suggests that state-sponsored entities in both China and Russia are systematically targeting US government and private sector networks in an effort to pilfer valuable information that has tremendous economic value.

A separate report which details China's electronic espionage and intelligence apparatus which was released last month by researchers at the Project 2049 Institute concludes that China's intelligence gathering is not limited to national security and military efforts, but may also be geared towards gaining an economic advantage as well.

The report, titled "The Chinese People's Liberation Army Signal Intelligence and Cyber Reconnaissance Infrastructure", indicates that China has established a sophisticated multi-departmental organization for the purpose of espionage which includes both military and civilian entities.

Source:  http://abcnews.go.com/US/wireStory/chinese-hacker-teams-us-data-theft-15135854#.TuZA41Ypr-9

Possibly Related Articles:
16696
Network->General
China Intellectual Property Cyber Security Attacks Headlines Espionage National Security Deterrence Attribution
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.