China has become the Somali pirate of the Internet

Chinese govt. excuse hacker-hobbyists run big cyberattacks is a big phish story

Yesterday's big security news was that someone hit Google with a focused phishing campaign aimed at U.S. government officials, Chinese dissidents and officials or journalists in Asian countries other than China.

Google blames China. China responded angrily to the accusation. It is as shocked at the belief it could be the perpetrator of such knavery as at it is at the perpetrators whose targets only coincidentally mirror the profile of people and countries China has been shown to be targeting with similar campaigns during the past 10 years.

"Blaming these misdeeds on China is unacceptable," Hong Lei, a Chinese foreign ministry spokesman told a news briefing in Beijing, according to a story in British daily The Telegraph.

"Hacking is an international problem and China is also a victim. The claims of so-called Chinese state support for hacking are completely fictitious and have ulterior motives," Lei said.

China doesn't condone hacking, but it is a popular hobby among civilians, many of whom learn the craft in online study courses which, by implication, teach highly sophisticated, focused spear-phishing techniques that can be applied against hundreds or thousands of potential victims at a time.

Given the money and person-hours required, it's reasonable to assume this was some kind of project for a giant hacker class, or a really big informal gathering of hacker hobbyists, possibly in connection with an outdoor spring gathering or festival.

It certainly wasn't an effort by the Chinese government or the special cyberwarfare units U.S. intelligence agencies have pinpointed as the source of attacks on U.S. government sites in the past, according to an editorial published in Xinhua, the government news agency. The editorial accused Google of damaging global trust in the Internet through its groundless accusations.

Google not only profiled the attack as matching previous efforts from Chinese military facilities, it also

narrowed down the likely source to the same military group in a vocational school in Jinan, China that the New York Times linked to December, 2009 attacks on Google data centers.

Unless the hacker hobbyist festival was held in a military training school, the Chinese government's theory that the attacks are uncoordinated efforts from curious, largely harmless groups of Chinese civilians are just silly. Its only use is as an example of how little China evidently cares about maintaining a credible level of deniability.

(FastCompany pooh-poohs the whole story because most of the media referred to the attacks as "hacking" rather than by the proper term – phishing.

There is a big difference between the two if you're describing specific exploits or areas of interest for security geeks. Once an account has been broken, it's acceptable even among geeks to refer to it as having been hacked.

Most of the media outlets that misused the term "hack" address non-IT audiences that don't typically know the difference between hacking, phishing and hacking fish in the kitchen. So FastCompany should slink back into its Closet of Pedantry and find something more interesting to write about.)

China has used broad phishing and narrowly focused spear-phishing campaigns with an astonishing level of success against U.S. targets for years according to top U.S. intelligence officials. It has also used less subtle methods – like redirecting much of the Internet's traffic through its own servers so it can have a look at what people are talking about.

"The Chinese have made a substantial investment in [online espionage, cracking and cyberwarfare]," Director of National Intelligence James Clapper told a Senate security subcommittee in March."They have a very large organization devoted to it and they're pretty aggressive."

At this point it's just silly to try to claim China is not involved in large-scale, coordinated online attacks on U.S. government agencies, military and government officials, not to mention individuals or companies Chinese officials consider to be unfriendly to its policies.

Trying to avoid saying China is conducting a largely public intelligence cyberwar against the West is like claiming all those heavily armed small boats off the coast of Somalia are out for an honest day of fishing.

The U.S. military's declaration late last week that it reserves the right to respond militarily to cyberattacks may be the first sign the U.S. is not only taking Chinese hacking more seriously, but is also preparing to do something about it.

Attacking China militarily even with this overt a level of digital provocation is out of the question, though that option could be used as pressure against countries such as Iran, which is still looking for revenge for the Stuxnet attack.

Covert U.S. online counter-attacks evidently haven't slowed the progress of all those Chinese hacker hobbyists.

Neither has declaring cyber war a top U.S. diplomatic priority.

It would be nice to think there's a more effective response in the pipeline. So far there's no evidence of either a public effort that would have any impact or covert efforts that are having any effect.

Without something that can slam the gate on foreign cyber-espionage, we'll end up either being at the mercy of any country with a good Internet connection and Hacker Hobby club. Either that or we'll be on the way to escalating through threats, confrontations to eventual open war with a country a lot bigger and better armed than any the U.S. has fought since World War II.

That's a big price to pay for not being able to catch a few phish.

What’s wrong? The new clean desk test
Join the discussion
Be the first to comment on this article. Our Commenting Policies