Google’s fight with Chinese censors risks escalating into a fullblown US-China showdown over cyber warfare, as claims emerge about the unprecedented scale of Chinese attacks on US commercial and defence systems.
The Chinese-originated attack on Gmail accounts of human rights activists, which Google said had partly prompted its threat to leave China, was “probably insignificant” compared with the “theft” of source code and data from Google and at least 33 other leading technology companies, said a consultant briefed on the cyber attacks.
From The Sydney Morning Herald
JOHN GARNAUT
January 15, 2010
Google’s fight with Chinese censors risks escalating into a fullblown US-China showdown over cyber warfare, as claims emerge about the unprecedented scale of Chinese attacks on US commercial and defence systems.
The Chinese-originated attack on Gmail accounts of human rights activists, which Google said had partly prompted its threat to leave China, was “probably insignificant” compared with the “theft” of source code and data from Google and at least 33 other leading technology companies, said a consultant briefed on the cyber attacks.
The details coincided with claims that the FBI had tracked more than 90,000 Chinese-originated attacks last year on the Defence Department alone.
Australia’s big mining companies are refusing to negotiate iron ore contracts in China because of Chinese security agency intrusions at Rio Tinto, which culminated in the arrest of one of its executives, Stern Hu.
Greg Walton, a security development fellow at the Citizen Lab, University of Toronto, said a series of intelligence leaks implied ”there is something big going on which is not being reported at the moment”.
“Maybe it’s conceivable China has now pulled ahead on offensive operations, partly because US intelligence is geared in a very different way. It’s more, ‘Let’s suck up all the electronic communications in the world through the five eyes’: the intelligence alliance between the US, UK, Australia, Canada and New Zealand.”
A US company, one of the world’s largest, forbids employees from carrying communication equipment into China, including laptops and mobile phones, because of security concerns.
The consultant who was briefed on the Gmail attacks said at least 34 companies, including Yahoo!, Symantec and Adobe, had been affected. A report in The Washington Post named another two companies, Northrop Grumman and Dow Chemical.
Mr Walton said China’s cyber warfare capability was mostly not in the same league as that of the US or Britain.
The Obama Administration has become increasingly concerned about internet censorship in China.
While sources say the US has been quietly disappointed that its co-operative approach to such issues as climate change, the Chinese currency and Iran’s nuclear program, has not been reciprocated, the President, Barack Obama, has publicly pushed censorship, in part because his views resonate with a big proportion of China’s 338 million internet users.
But a political analyst in Washington, Chris Nelson, has written that Mr Obama could be forced to respond to China “in a far more aggressive and public way”.
The Secretary of State, Hillary Clinton, is reportedly planning to release a new technology policy next week to help web users evade censorship controls.
The State Department is understood to have invested big sums in developing technology to help Chinese users overcome China’s firewall.
The largely state-controlled Chinese media, usually packed with protests and elaborate claims about US policies to ”contain” China, barely reported Google’s decision to consider leaving and did not mention censorship.
A Chinese security official said China was likely to continue to tread quietly on the subject because “a large portion of the Chinese public support Google”.
Jin Canrong, professor of international relations at the People’s University, said the “honeymoon was over” in US-China relations but the row over cyberspace would barely create a ripple.
Jia Daojiong, of Peking University, who specialises in US-China relations, urged leaders on both sides to diffuse the “images of confrontation” that have emerged since Copenhagen.
Mr Walton said the attacks on Google, US defence systems and computers were extremely sophisticated.
They all involved the same modus operandi, with “Trojan” viruses being dropped on to computers when users inadvertently opened email attachments purportedly from friends.
This enabled a remote user to drop a kind of remote access device that Chinese hackers call “gh0stRAT”.
In the Google case, he said, data was deposited in a computer ”sink hole” in California before being sent back to China.
These attacks had been traced to “patriotic actors” who enjoyed Chinese Government support.
“Intelligence agencies estimate there are approximately half a million of these people willing to engage in cyber warfare,” he said.
A Chinese security source said yesterday that it was unlikely China’s unofficial “internet army” or even military and intelligence agencies had the sophistication to seriously challenge the world’s leading technicians in the US. “The Chinese military uses American software systems,” he said.
http://www.smh.com.au/technology/security/chinese-hackers-force-us-showdown-20100115-manu.html