Report says Chinese far outstrip U.S. cyber-spy fight for military, business secrets

Operation Byzantine Hades pulls 'terabytes' of sensitive data over half a decade of success

By  

While most of the IT world was fretting over the break-in at Epsilon that probably netted some organized crime group a few million pre-confirmed email addresses, U.S. IT espionage specialists were finishing up a report showing the Epsilon hack is small potatoes compared to China.

U.S. investigators told Reuters that attackers working for the Chinese government have stolen terabytes of sensitive data ranging from usernames and passwords for State Department computers to the designs of major weapons systems.

Secret State Dept. cables held by WikiLeaks and given to Reuters by someone else, traced a series of attacks back to the Chinese government – one trace even identifying the specific unit of the Chinese military that launched it.

Code-named "Byzantine Hades," the breaches represent attacks that have been going on since at least 2006 and are accelerating.

The months-long attack on Google in late 2009 and early 2010, which compromised the emails of Chinese dissidents and accessed Google source code, also came from China, according to Joel Brenner, former counterintelligence chief for the Office of the Director of National Intelligence.

Thousands of U.S. companies were part of the same series of attacks – code-named "Aurora" – though only 34 were publicly identified, Brenner told Reuters.

Companies ranging from IT developers to defense companies to Formula One teams also complain of attacks that go after proprietary information.

Brenner called the Aurora attacks "heavy handed use of state espionage" to steal information of military political or industrial value.

A March 28 study from McAfee and government consulting company DAIC called corporate intellectual property "the latest cybercrime currency."

"Cybercriminals have shifted their focus from physical assets to data driven properties, such as trade secrets or product planning documents," said Simon Hunt, vice president and chief technology officer, endpoint security at McAfee in the report.

The change in target means corporate security has to change, too according to Scott Aken, vice president for cyber operations at SAIC.

Photo Credit: 

Shanghai Military Region, PRC

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

SecurityWhite Papers & Webcasts

See more White Papers | Webcasts

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Ask a Question