Hack Attacks Back
Snowden enables China’s assault
CHINA’S military hackers are back, more brazen than ever. You can thank Edward Snowden. A year ago, the Internet security firm Mandiant went public with what cyberwar watchers had known for some time: Unit 61398, a secret branch of the Chinese military, had been behind more than 1,000 cyber attacks on Western targets since 2006. Employing thousands of trained cyber warriors housed in a 12story building in Shanghai — and backed by an enormous militia of parttime hackers — Unit 61398 had been waging a constant war on foreign banks, infrastructure, defense firms and government agencies, including one spectacular 2007 raid on the Pentagon that shut down 1,500 different Defense Department networks.
The resulting international sensation forced a reluctant President Obama to confront the Chinese premier on the issue. Beijing issued its usual furious denial — but the attacks stopped and Unit 61398 fell from the headlines.
But now we know they didn’t stop for long — and the West and the Obama administration are looking as illprepared and impotent as ever in dealing with the threat. China’s usual attacks on banks, weapons manufacturers and other juicy targets are now back to almost daily.
The first big attack came as early as late May, when Chinese hackers raided networks at top US defense firms, swiping information on more than two dozen weapons systems.
In October, they hit the Federal Electoral Commission, suggesting the People’s Liberation Army is looking at ways to interfere in the US electoral process.
In December, they launched a series of attacks on the foreign ministries of five countries ahead of the G20 summit, using an infected email attachment that was supposed to provide updates on the Syria crisis. (Not as clever as Unit 61398’s similar 2011 attack, which used an email promising nude photos of then French President Nicholas Sarkozy’s wife, Carla Bruni.)
The latest outrage came Feb. 11, when evidence revealed Chinese cyber warriors had cracked open the Veterans of Foreign Wars computer system — itself not an obvious security threat, but part of what experts believe was a much broader attack on US military personnel records and files, both past and current.
Most striking is how bold the attacks have grown. The Chinese are apparently so confident we can’t (or won’t) stop them that they’ve gotten sloppy. Examining hacker codes left behind on US military and commercial networks, Internetsecurity engineers have been finding bits of code identical to Chinese commercial software sold for export by companies with contracts with the People’s Liberation Army.
Why so bold and brazen? Snowden’s revelations about the National Security Agency — both his public releases and his likely private ones.
The Snowden defection back in June was a double gift for China’s hackers (as well as for Russian ones — the State Department even issued a warning that any cellphone or laptop brought to the Sochi Olympics would almost certainly be hacked there, and its passwords stolen).
The data Snowden brought with him to Hong Kong included a wealth of information about how our intelligence agencies fight and trace hackers, as well as on the NSA’s own hacking efforts in China.
Second, Snowden’s public revelations have for more than six months distracted media and public attention away from China’s increasingly bold and lawless cyberwar offensives, and kept it focused on the NSA.
The press and politicians are more obsessed about whether an NSA clerk might be listening in one of our phone calls than whether a transcript of that call could end up on the desk of a PLA intelligence official — or whether the phone company’s software becomes a conduit for Unit 61398 cracking open bank accounts around the country.
Sen. Rand Paul’s latest stunt of suing President Obama over the NSA flap isn’t going to help focus attention back on how our adversaries — China, Russia, Iran — are using the Internet daily as a battlefield to wage war on us.
Obama, meanwhile, seems utterly unwilling to publicly defend and explain the things it’s necessary for our government to do to protect against these attacks — or even to again confront China’s leaders over the constant assault.
So expect more attacks by hackers confident that no one, least of all our government, has the political will to make them stop.