This story, on the Chinese successfully making a cyber attack on the Pentagon, is admittedly a bit wide of the subject matter of this blog, but it’s a major story that the Financial Times seems to have broken. I don’t see it on the New York Times, Wall Street Journal, CNN or Bloomberg sites. Bizarrely, the FT posted this story early enough to be able to put out an editorial on it as well, yet the major US outlets haven’t touched it yet.
Admittedly, this was an attack was claimed by the Pentagon to have succeeded only on an unclassified system, but even then, who knows what useful data might have been purloined. And perhaps I’m paranoid, but I wonder if the Administration would be truthful if the Chinese had gotten their hands on classified information.
The Germans were similarly hacked by the Chinese, making the accuracy of this report seem more likely.
I’m no China expert, but relations weren’t great before this incident, and this can only make matters worse. How much worse remains to be seen.
From the FT:
The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American officials.
The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.
Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.
One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the event said there was a “very high level of confidence…trending towards total certainty” that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.
Angela Merkel, Germany’s chancellor, raised reports of Chinese infiltration of German government computers with Wen Jiabao, China’s premier, in a visit to Beijing, after which the Chinese foreign ministry said the government opposed and forbade “any criminal acts undermining computer systems, including hacking”.
“We have explicit laws and regulations in this regard,” said Jiang Yu, from the ministry. “Hacking is a global issue and China is frequently a victim.”
George W. Bush, US president, is due to meet Hu Jintao, China’s president, on Thursday in Australia prior to the Apec summit.
The PLA regularly probes US military networks – and the Pentagon is widely assumed to scan Chinese networks – but US officials said the penetration in June raised concerns to a new level because of fears that China had shown it could disrupt systems at critical times.
“The PLA has demonstrated the ability to conduct attacks that disable our system…and the ability in a conflict situation to re-enter and disrupt on a very large scale,” said a former official, who said the PLA had penetrated the networks of US defence companies and think-tanks.
Hackers from numerous locations in China spent several months probing the Pentagon system before overcoming its defences, according to people familiar with the matter.
The Pentagon took down the network for more than a week while the attacks continued, and is to conduct a comprehensive diagnosis. “These are multiple wake-up calls stirring us to levels of more aggressive vigilance,” said Richard Lawless, the Pentagon’s top Asia official at the time of the attacks.
The Pentagon is still investigating how much data was downloaded, but one person with knowledge of the attack said most of the information was probably “unclassified”. He said the event had forced officials to reconsider the kind of information they send over unsecured e-mail systems.
John Hamre, a Clinton-era deputy defence secretary involved with cyber security, said that while he had no knowledge of the June attack, criminal groups sometimes masked cyber attacks to make it appear they came from government computers in a particular country.
The National Security Council said the White House had created a team of experts to consider whether the administration needed to restrict the use of BlackBerries because of concerns about cyber espionage.
Key observations from the editorial:
But the targets for these 21st-century spies are not new. For the most part they are seeking the sort of secret information governments have long sought from friends and adversaries: political and defence intelligence, science and technology innovations, commercially sensitive information and in some cases news about exiled dissidents.
So far public reports suggest China is concentrating for now on espionage rather than sabotage. However, the latter cannot be ruled out, particularly after the cyber-sabotage this year of Estonia’s government computers, assumed to have emanated from Russia.
I tend to find such government hacking reports uninteresting, because first of all it is nearly impossible to identify the physical location of a skilled attacker (ie if you can tell they’re from China they’re not pros), and secondly if anyone is stupid enough to connect a computer containing valuable state secrets to the Internet they ought to be canned. Of course, if I recall from the various GAO network inspections this probably encompasses half the Pentagon.
The FT article does mention that the attack might have been designed to discredit the Chinese government. However, given the intensity with which China monitors internet traffic, that would presumably be harder to pull off there than most places.
From my vantage, the issue is less whether the Chinese got anything meaningful, and more the potential diplomatic blowback from the attempt.
However, both Congress and the Administration choose not to pursue many cases of alleged spying by Israel, likely because it would ruffle too many feathers. If the Chinese military really was behind this case, they may decide to go the route of letting the press attention plus a few private scoldings be enough warning for now.
That may be why the US press is downplaying this incident. Making too much noise about it might force the Administration’s hand.
Washington Ignores Cyberattack Threats, Putting Us All at Peril