How Chinese cyber attacks work
Strategy Page:
The longer Western intelligence analysts and Internet security researchers look into Chinese Internet-based espionage efforts, the clearer the Chinese strategy becomes. Put simply, China has been seeking out military and government secrets, but not as diligently as they have been looking for commercial secrets and industrial technology. This is not how the Chinese hacking is described in the media, as a military campaign. But it's mostly about industrial espionage.
For example, last year it was big news that there had been a large-scale effort to obtain information about American jet-powered and space-based (X-37) UAVs via Internet hacking. The methods, and source of the attack, had been traced back to China. These attacks are carried out via Internet-based snooping efforts against specific civilian, military, and government individuals. This sort of thing is often carried out in the form of official-looking email, with a file attached, sent to people at a specific military or government organization. It is usually an email they weren't expecting. This is known in the trade as "spear fishing" (or "phishing"), which is a Cyber War technique that sends official-looking email to specific individuals with an attachment which, if opened, secretly installs a program that sends files from the email recipient's PC to the spear fisher's computer. In the last year, an increasing number of military, government, and contractor personnel have received these official-looking emails with a PDF document attached, and asking for prompt attention. But a greater number of attacks are being made against commercial targets.
The phishing phase takes place after the Chinese have done research on the organization to find the names of specific people they were going to send the emails to. The emails must then be composed to be realistic but not something that would alarm the recipient and cause them to call the Internet security experts. For those recipients who open the email, other Chinese hackers get involved studying the victim's computer and how it is connected to the company network. This process enables the intruders to get to the most valuable secrets and do the most damage. Other specialists are then brought in to help get data back to China without being discovered and, finally, another crew of experts tries to ensure that the intrusion, and the damage that was done, is never discovered.
What is not given as much publicity is that the same techniques are used, on a much larger scale, to obtain details about commercial technologies. Most of this stuff was not military-related, but was the sort of thing Chinese firms could use to improve their competitiveness in world markets. This reflects Chinese thinking that economic power is the basis for military power. A strong economy will make China a strong military power.
...We need to have the ability to send programs to destroy the computers that are receiving the data. It would be a cyber defense weapon that makes it costly to try to steal the data. It is not enough just to block the attack. We need programs that make it dangerous to attempt the theft.