For years now security companies have described that attacks originating in China routinely infiltrate and steal data from U.S. corporate networks, and that similar activity targets U.S. government systems, too. But even as politicians and government officials have begun to speak more freely about the issue (see “U.S. Power Grids, Water Plants a Hacking Target”), they have stopped short of making specific accusations about who is responsible. In April, President Obama’s national security adviser Tom Donilon talked vaguely of attacks “emanating from China.”
A new report from the Department of Defense (PDF) uses much firmer language, singling out the Chinese military:
“China is using its computer network exploitation (CNE) capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs.”
That information could be used to help out Chinese defense companies, technology industry military planners, political leaders, says the report, which adds:
“Although this alone is a serious concern, the accesses and skills required for these intrusions are similar to those necessary to conduct computer network attacks.”
That seems to refer to the fact that an intruder on a computer network could also use their access to shut it down and disrupt communications or other – perhaps physical – systems connected to it.
It’s not within the scope of the Pentagon report to mention that the U.S. has expanding computer-based espionage and attacks capabilities of its own (see “Welcome to the Malware Industrial Complex”), that China isn’t the only nation targeting the U.S. (see “Which Four Countries Most Actively Attack the U.S.?”), or to discuss the state of defenses against such actions.
From a technical perspective, the prevalence of successful infiltration of U.S. companies – even defense and security companies such as Lockheed Martin and RSA – suggests they are slim. Recent research has shown that a determined adversary could likely find many opportunities to access physical industrial systems (see “What Happened When One Man Pinged the Whole Internet”).
However, how far China might be willing to test any computer espionage and attack capabilities will be determined by traditional political and strategic concerns more than technical questions. President Obama, secretary of state John Kerry and other senior U.S. officials are all known to have raised the question of computer-based industrial espionage with China in recent months and presumably they are also raising the matter of the actions against Pentagon and government networks described in the new report out today.
For now, China’s government is publicly sticking to its previous line that it does not condone or support any such activity, with a spokesperson telling the New York Times today that:
“China has repeatedly said that we resolutely oppose all forms of hacker attacks…we are firmly opposed to any groundless accusations and speculations.”