Pentagon warns public about cyber attacks by China

Says military using civilian hackers

By Lolita C. Baldor
Associated Press / August 20, 2010

E-mail this article

Invalid E-mail address
Invalid E-mail address

Sending your article

Your article has been sent.

Text size +

WASHINGTON — The United States for the first time is publicly warning about the Chinese military’s use of civilian computer specialists in clandestine cyber attacks aimed at American companies and government agencies.

In a move viewed as a pointed signal to Beijing, the Pentagon laid out its concerns this week in a carefully worded report.

The People’s Liberation Army, the Pentagon said, is using “information warfare units’’ to develop viruses to attack computer systems and networks, and those units include civilian computer professionals.

The assertion shines a light on a quandary that has troubled American authorities for some time: How does the United States deal with cyber espionage emanating from China and almost certainly directed by the government — despite the fact that US officials don’t have or can’t show proof of those ties?

Asked about the civilian hackers, a Defense Department spokesman said the Pentagon is concerned about any potential threat to its computer networks. The Pentagon, said Commander Bob Mehal, will monitor the army’s buildup of its cyberwarfare capabilities, and “will continue to develop capabilities to counter any potential threat.’’

The new warning also was issued as US and other international leaders are struggling to improve cooperation on global cybercrime and set guidelines for Internet oversight.

“The Chinese government, particularly the PLA, has sought to tap into the hacker community and take advantage of it,’’ said James Lewis, a cybersecurity specialist and a senior fellow at the Center for Strategic and International Studies. “One of the things that the Defense Department has been looking for is a way to start signaling potential opponents about activities that might cross the line in cyberspace.’’

The China report, he said, is one way to send that signal to Beijing. The Pentagon report says that last year “numerous computer systems around the world, including those owned by the US government, continued to be the target of intrusions that appear to have originated within’’ the People’s Republic of China.

Those attacks, the report said, “focused on exfiltrating information, some of which could be of strategic or military utility.’’

The Pentagon also pointed to an alleged China-based computer spying network — dubbed GhostNet — that was revealed in a research report last year. The report said the spy ring stole information from nearly 1,300 computer hard drives, including networks belonging to embassies, government offices, and the Dalai Lama and his exiled Tibetan government. Chinese officials denied involvement.

US government agencies and major corporations have repeatedly complained about cyber attacks targeting sensitive defense programs and other high-tech industries. Computer security specialists say they are often called to companies to dissect computer network intrusions that contain Chinese code or can be tracked to Internet addresses in that country.

But specialists acknowledge that it is difficult to precisely determine whether the cyber intrusions are directed or sanctioned by the Chinese government or its military.

The use of civilian cyber mercenaries gives countries such as China deniability, said Jerry Dixon, former director for the Department of Homeland Security’s Computer Emergency Readiness Team.

The civilian hackers or front companies, he added, often may have particular expertise, such as knowledge about certain defense contractors, critical industries, or government agencies.