Sabre rattling US to target Chinese APT hackers
The US Government is to launch an unprecedented counter attack on the Chinese hackers that have been accused of stealing the country’s state and industrial secrets.
The move follows on from the announcement yesterday by the computer security company Mandiant that it had discovered a unit of the Chinese Army based in Shanghai that it claimed had stolen hundreds of terrabytes of information from 140 US firms.
According to high level sources the US announcement (timed for 8pm tonight) will confirm that the US is to launch a series of fines and economic penalties against the Chinese in retaliation for a series of cyber intrusions that have become known as Advanced Persistent Threat attacks.
The US response is expected to even go to the extent of identifying and naming individuals that the US considers responsible for the attacks.
The US action marks a growing exasperation with the Chinese Government, which despite over 10 years of officials warnings from Western Governments that the wholesale theft of defence secrets, and valuable business information was being carried out by the Chinese has chosen to ignore the anger.
An exasperation signalled by Senator Mike Rogers at the opening of the US House Permanent Select Committee on Intelligence’s 2011 hearing on cyber threats.
“China’s economic espionage has reached an intolerable level and I believe that the United States and our allies in Europe and Asia have an obligation to confront Beijing and demand that they put a stop to this piracy.
“Beijing is waging a massive trade war on us all, and we should band together to pressure them to stop. Combined, the United States and our allies in Europe and Asia have significant diplomatic and economic leverage over China, and we should use this to our advantage to put an end to this scourge.”
The US exasperation has been felt in the UK.
In a speech to mark the launch of the cyber security summit also in 2011 UK foreign secretary William Hague also mentioned that Western powers were suffering unprecedented levels of cyber theft due to espionage but fell shy of naming the Chinese.
But officials behinds the scenes left journalist in no doubt that the Chinese were to blame.
According to Howard Schmidt, until last Summer President Obama’s cyber security czar, the US response now means that a line has effectively been drawn in the sand.
“Since 2010 and Google there has been report after report after report, effectively saying the same thing some with more details, some with less, but it doesn’t seem to dissuade those responsible and I am pretty sure a lot of this is coming from the Chinese Government though some will also be coming from other groups, but it doesn’t seem to convince them that they should stop.
“The reason for that seems to be that they have so much more to gain from doing this than they have to lose.”
According to sources in the UK that have been monitoring the Chinese attacks for a number of years, the US decision to go after the individuals and groups that have been responsible for what in July 2012, General Keith B. Alexander, the director of the US’s National Security Agency, called ‘the greatest transfer of wealth in history’ is a sea change in the world of cyber crime.
“I think that this is it. It’s not going to be easy but this is a significant moment. Up until now we have just had warnings and mutterings but now something is being done, something is going to happen.”
News of the stiffening of attitude has come at the same time as a significant diplomatic escalation over the issue, with President Obama flagging up the cyber threat in his Union address and particularly focusing in on the threat to the computerised systems that control the critical national infrastructure, systems such as electricity, gas and telecommunications all, it has been claimed the target of Chinese hackers.
The US announcement also signals one other important change, that the cyber security industry is now confident that it can identify those who are carrying out the attacks.
Up until now attribution has been a difficulty and many times over the past 10 years countries identified as being responsible for cyber crime have claimed that the attacks are simply being routed through their countries but are not actually originating from there.
News of the US loss of patience has coincided with a series of signs that indicate that an international consensus on cyber crime is beginning to emerge, with Russia’s President Putin recently announcing that Russia would start moves to crack down on cyber crime.
According to sources in the intelligence and cyber worlds the release of the Mandiant report has been deliberately timed to coincide with the US Government announcement of a crackdown on those attacking it.
Indeed rumours of the US response have been circulating in the UK, well in advance of David Cameron’s announcement that the UK would be seeking to co-operate with India to build cyber centres of excellence and indicate an attempt to generate a united front against the Chinese in the light of the hacking activity claimed by Mandiant.
According to intelligence and industry sources the US response has actually started in advance of the US announcement.
“It’s been going on for a while and it’s a massive response,” said one source, who declined to be named.
The Chinese have denied the Mandiant claims.
In a statement, the Defence Ministry said the report lacked “technical proof” when it used IP addresses to link hacking to a military unit.
The Chinese ministry statement, stated that many hacking attacks were carried out using hijacked IP addresses.