"The Chinese air force has an asymmetrical warfare division" charged with developing cyberwarfare techniques to disable governments' command and control systems, says Tom Patterson, chief security officer of security device manufacturer MagTek Inc.
"They are fully staffed, fully operational and fully active. And when you aim a governmental agency that size against any company, even the size of Google -- well, it's an overwhelming force," Patterson says.
"It's been going on in China since at least at least May 2002, with workstations running 24 hours a day, 7 days a week," Peller says.
Google has been unable to conclusively tie the Chinese government to the recent attacks, but it did trace the source of those attacks to mainland China. Experts say the sophistication of the hackers indicates government support, or at least approval.
Such virtual attacks represent a very real danger. Government and security-firm sources say over 30 other companies were attacked in this latest hack, from software firms like Adobe and Juniper Networks to Northrop Grumman -- a major U.S. defense contractor and manufacturer of nuclear-powered aircraft carriers and the Global Hawk unmanned drone.
It's just part of a battle that's been getting increasingly belligerent:
-- In 2007, Britain's security agency, MI5, issued a secret warning to CEOs and security leaders at 300 banks and legal firms that they were being attacked by "Chinese state organizations." The letter was later leaked to the media.
-- Late in the 2008 presidential campaign, FBI and Secret Service agents alerted the Obama and McCain camps that their computers had been hacked. The source of the attacks: hackers in China.
-- Earlier that summer, in testimony before the House Armed Services Committee, James Shinn (assistant secretary of defense for Asian and Pacific security affairs at the time) and Maj. Gen. Philip Breedlove (of the Joint Chiefs of Staff) warned officials about China's asymmetrical warfare capabilities.
As the article also notes...
It isn't just Google, and it isn't just China. Security experts say there's a raging, worldwide cyberwar going on behind the scenes, and governments and businesses across the globe need to be on alert.
Security analysts say 20 countries, in addition to China, are actively engaged in so-called asymmetrical warfare,a term that originated with counterterrorism experts that now commonly refers to cyberattacks designed to destabilize governments. Countries engaged in this activity range from so-called friendly nations, such as the United Kingdom and Israel, to less friendly governments like North Korea, Russia, Kazakhstan, and Uzbekistan.
"There are least 100 countries with cyber espionage capabilities," warns Alan Paller, director of research at the SANS Institute, an information security and training firm. Today there are thousands of hackers working on such programs around the world, "including al Qaeda cells that are acting as training centers for hackers," he said.
"It's been a widespread problem for some time," says University of Texas at San Antonio professor and cyber security researcher Ravinderpal Sandhu. Paller and others agree, adding that the recent Google incident -- in which the Internet giant discovered e-mail and corporate sites had been extensively hacked by programmers on the Chinese mainland -- represents just the tip of the iceberg.
Will this war be fought by private companies and citizens? How will the US hold a company accountable if they swipe back at China and the Chinese lodge a formal/public complaint? If the US goes public with any allegations, can we demonstrably prove them in public? It's not like there are satellite photos of hacks the way there were of Soviet missiles in Cuba. Should we start heavily recruiting at the Balck Hat conferences and tell the guys they can wreak all the havoc they want to on the Chinese, just as long as they leave Western targets alone? Come to think of it - I like that idea!
By: Brant
No comments:
Post a Comment