China Targets U.S. In Hacking Blame Game
"The Defense Ministry and China Military Online websites have faced a serious threat from hacking attacks since they were established, and the number of hacks has risen steadily in recent years," said ministry spokesman Geng Yansheng, Reuters reported. Geng's comments were delivered in a monthly press briefing that's closed to foreign reporters, and which were later distributed by the government.
- The Untapped Potential of Mobile Apps for Commercial Customers
- Get Actionable Insight with Security Intelligence for Mainframe Environments
- The 451 Group Impact Report: Skybox Enters Vulnerability Management Space
- Skybox Security Vulnerability Management Survey
China's allegations came as a response to increased accusations from security experts in the United States that Chinese government has been sponsoring a long-running online espionage campaign that targets private businesses.
[ Why does the U.S. accuse China of hacking? Read China Denies U.S. Hacking Accusations: 6 Facts. ]
Notably, security firm Mandiant last week released a report that accused the Chinese government of supporting multiple groups of advanced persistent threat (APT) attackers, and one particular group of having successfully compromised 141 businesses since 2006. Although the group -- dubbed Comment Crew by some security watchers, and APT1 by Mandiant -- was first spotted in 2006, Mandiant's report was the first to lay out voluminous evidence, albeit of a circumstantial nature, that attempted to link APT1 not just to China, but to the People's Liberation Army (PLA) Unit 61398, which Mandiant described as an elite military hacking unit.
According to a statement released last week by China's defense ministry, however, "the Chinese army has never supported any hackings." Indeed, the Chinese government has repeatedly denied that it hacks foreign governments' or businesses' websites, and Chinese officials labeled Mandiant's report "groundless both in facts and legal basis," accusing the security firm of invoking the specter of Chinese attacks to drum up more business.
Chinese officials likewise dismissed last month an allegation by The New York Times that the Chinese government was responsible for hacking into the paper's network and stealing a copy of every employee's password. After the Times discovered the breach in November 2012, it hired Mandiant to conduct a digital forensic investigation. In January, based on research provided by Mandiant, the Times accused China -- and in particular, APT group #12 -- of having launched the attacks. The Wall Street Journal and Washington Post later said they'd also been targeted in similar attacks.
As the hacking accusations against China have increased, Chinese government officials have gone to great pains to emphasize that people in China are themselves regularly subjected to attacks launched from overseas. "In 2012, about 73,000 overseas IP addresses controlled more than 14 million computers in China and 32,000 IP addresses remotely controlled 38,000 Chinese websites," foreign ministry spokesman Hong Lei said at a news conference last week, noting that the greatest number of attacks emanated from the United States.
Despite the increase in foreign attacks targeting Chinese systems, "Beijing has seldom accused other countries of launching the attacks," said Wen Weiping, a professor at the School of Software and Microelectronics at Peking University, in a statement released by Xinhua News Agency, which is the official press agency of the People's Republic of China.
Thursday, meanwhile, defense ministry spokesman Geng said that no Chinese soldiers are engaged in cyber warfare or online attacks, noting that Chinese "blue teams" participate only in military drills, "to enhance the country's ability to safeguard cyber security," according to a statement released by Xinhua. Blue teams refers to the "good guys" in a military exercise, while red teams play the enemy.
But Geng said China is working to improve its military cybersecurity capabilities. "Compared with military capabilities around the world, however, there is still a gap," he said.
Speaking this week at the RSA conference in San Francisco, some information security experts said they expect China's alleged cyber attacks to continue unabated.
In part that appears to be because high-level discussions on the topic have yet to agree on terminology, James Lewis, a senior fellow at the Center for Strategic and International Studies (CSIS), told the conference. In particular, Chinese government officials who engage in proxy discussions with U.S. think tanks prefer to avoid discussing espionage, or even using the word "espionage" at all.
Attend Interop Las Vegas, May 6-10, and attend the most thorough training on Apple Deployment at the NEW Mac & iOS IT Conference. Use Priority Code DIPR03 by March 9 to save up to $500 off the price of Conference Passes. Join us in Las Vegas for access to 125+ workshops and conference classes, 350+ exhibiting companies, and the latest technology. Register for Interop today!