¡@
US takes aim at PRC cyber threat
¡¥A GREAT DODGE¡¦: The Pentagon says the PLA uses civilian hackers to launch
attacks and conduct espionage, which gives it deniability
AP , WASHINGTON
Saturday, Aug 21, 2010, Page 1
The US for the first time is publicly warning about the
Chinese military¡¦s use of civilian computer experts in clandestine cyberattacks
aimed at US companies and government agencies.
In a move that is being seen as a pointed signal to Beijing, the Pentagon laid
out its concerns this week in a carefully worded report.
The Pentagon said the People¡¦s Liberation Army (PLA) is using ¡§information
warfare units¡¨ to develop viruses to attack enemy computer systems and networks,
and those units include civilian computer professionals.
The assertion shines a light on a quandary that has troubled US authorities for
some time: How does the US deal with cyber espionage emanating from China and
almost certainly directed by the government ¡X despite the fact that US officials
do not have or cannot show proof of those ties?
Asked about the civilian hackers, a Department of Defense spokesman said the
Pentagon is concerned about any potential threat to its computer networks.
The Pentagon, Commander Bob Mehal said, will monitor the PLA¡¦s buildup of its
cyberwarfare capabilities, and ¡§will continue to develop capabilities to counter
any potential threat.¡¨
The new warning also comes as US and other world leaders are struggling to
improve cooperation on global cybercrime and set guidelines for Internet
oversight.
¡§The Chinese government, particularly the PLA, has sought to tap into the hacker
community and take advantage of it,¡¨ said cybersecurity expert James Lewis, a
senior fellow at the Center for Strategic and International Studies.
¡§One of the things that the Defense Department has been looking for is a way to
start signaling potential opponents about activities that might cross the line
in cyberspace,¡¨ he said.
The China report, he said, is one way to send that signal to Beijing.
The Pentagon report says that last year ¡§numerous computer systems around the
world, including those owned by the US government, continued to be the target of
intrusions that appear to have originated within¡¨ China.
Those attacks, the report said, ¡§focused on exfiltrating information, some of
which could be of strategic or military utility.¡¨
The Pentagon also pointed to an alleged China-based computer spying network ¡X
dubbed GhostNet ¡X that was revealed in a research report last year. The report
said the spy ring stole sensitive information from nearly 1,300 computer hard
drives, including networks belonging to embassies, government offices and the
Dalai Lama¡¦s exiled Tibetan government. Chinese officials denied any
involvement.
US government agencies and major corporations have repeatedly complained about
cyberattacks targeting sensitive defense programs and other high-tech
industries.
Computer security experts say they are often called to companies to dissect
computer network intrusions that contain Chinese code or can be tracked to
Internet addresses in that country.
However, experts acknowledge it is difficult to precisely determine if the cyber
intrusions are directed or sanctioned by the Chinese government or its military.
The use of civilian cyber mercenaries gives countries such as China deniability,
said Jerry Dixon, former director at the Department of Homeland Security¡¦s
Computer Emergency Readiness Team.
The civilian hackers or front companies, he said, often may have particular
expertise, such as knowledge about certain defense contractors, critical
industries or government agencies.
¡§It¡¦s a great dodge,¡¨ Lewis said. ¡§You, the government, isn¡¦t responsible
because it was some civilian that did it.¡¨
¡@
|