Report Claims U.S. Cyber Analysts Trace Most Serious Attacks To Just 12 Hacking Groups in China

ID THREATPOST:041EA25035091718B670694C1765AEA7
Type threatpost
Reporter Paul Roberts
Modified 2013-04-17T16:33:10


Cyber security analysts at private sector firms in the U.S. say they have linked a string of devastating hacks of military networks and defense contractors to a small cadre of hacking groups within China, and are pushing the U.S. government for the green light to strike back.

The report Monday in The Guardian cited anonymous “US cyber security analysts and experts” within the US claiming that they can trace devastating cyber attacks against the U.S. military, defense contractors and private sector firms to “as few as 12 different Chinese groups, largely backed or directed by the government there.” The firms, and their backers in Washington D.C., are pushing for greater latitude to use offensive means to strike back.

The analysts making the claims have worked both with private sector firms targeted by foreign hackers and for the U.S. government. They claim that the hackers or groups of hackers responsible for the attacks have telltale signatures that have allowed the analysts to develop profiles for the various groups and individuals.

Investigations suggest that established Chinese teams get orders to go after specific technologies or companies within a particular industry. Two or more of the teams may even get the same orders, then compete, Capture The Flag style, to be the first to achieve the goal or retrieve the greatest amount of information.

The structure of the Internet makes it almost impossible to definitively link the attacks to China, let alone to groups operating within the country. Still, the experts feel the U.S. needs to move to a Cold War footing over the cyber intrusions: making it clear that there will be repercussions for cyber attacks or hacks targeted at U.S. government and military assets or private sector firms.

Though little is known about the Chinese military’s use of hacking, tidbits of information have slipped out. A snippet from a propaganda film used by the People’s Liberation Army (PLA) showed PLA soldiers using custom tools to hack Web sites belonging to Falun Gong. That video identified the PLA’s Electrical Engineering University as the source of the tool.

After years of silence, the U.S. government and policymakers have been speaking in more blunt terms about the efforts of foreign governments to abscond with military, diplomatic and commercial secrets using digital espionage. In November, the U.S. Office of the National Counterintelligence Executive issued a report alleging that cyber espionage on the part of China and Russia is a “pervasive threat” to U.S. interests.