Sunday, 1 January 2012

Home » , » A few Chinese hacker teams do most US data theft

A few Chinese hacker teams do most US data theft

As few as 12 different Chinese groups, largely backed or directed by the government there, do the bulk of the China-based cyberattacks stealing critical data from U.S. companies and government agencies, according to U.S. cybersecurity analysts and experts.

The aggressive, but stealthy attacks, which steal billions of dollars in intellectual property and data, often carry distinct signatures allowing U.S. officials to link them to certain hacker teams. And, analysts say the U.S. often gives the attackers unique names or numbers, and at times can tell where the hackers are and even who they may be.

Sketched out by analysts who have worked with U.S. companies and the government on computer intrusions, the details illuminate recent claims by American intelligence officials about the escalating cyber threat emanating from China. And the widening expanse of targets, coupled with the expensive and sensitive technologies they are losing, is putting increased pressure on the U.S. to take a much harder stand against the communist giant.

It is largely impossible for the U.S. to prosecute hackers in China, since it requires reciprocal agreements between the two countries, and it is always difficult to provide ironclad proof that the hacking came from specific people.

Several analysts described the Chinese attacks, speaking on condition of anonymity because of the sensitivity of the investigations and to protect the privacy of clients. China has routinely rejected allegations of cyberspying and says it also is a target. “Industry is already feeling that they are at war,” said James Cartwright, a retired Marine general and former vice chairman of the Joint Chiefs of Staff.

A recognized expert on cyber issues, Cartwright has come out strongly in favor of increased U.S. efforts to hold China and other countries accountable for the cyberattacks that come from within their borders. “Right now we have the worst of worlds,” said Cartwright. “If you want to attack me you can do it all you want, because I can’t do anythingabout it. It’s risk free, and you’re willing to take almost any risk to come after me.”

The U.S., he said, “needs to say, if you come after me, I’m going to find you, I’m going to do something about it. It will be proportional, but I’m going to do something … and if you’re hiding in a third country, I’m gong to tell that country you’re there, if they don’t stop you from doing it, I’m going to come and get you.”

Cyber experts agree, and say that companies are frustrated that the government isn’t doing enough to pressure China to stop the attacks or go after hackers in that country. Much like during the Col War with Russia, officials say the U.S. needs to make it clear that there will be repercussions for cyberattacks.

The government “needs to do more to increase the risk,” said Jon Ramsey, head of the counter threat unit at the Atlanta-based Dell SecureWorks, a computer security consulting company. “In the pivate sector we’re always on defense. We can’t do something about it, but someone has to. There is no deterrent not to attack the U.S.”

Cyberattacks originating in China have been a problem for years, but until a decade or so ago analysts said the probes focused mainly on the U.S. government – a generally ackowledged intelligence gathering activity similar to Americans and Russians spying on each other during the Cold War.

But in the last 10 to 15 years, the attacks have gradually broadened to target defense companies, and then other critical industries including those in energy, finance and other sectors. According to Ramsey and other cyber analysts, hackers in China have different digital fingerprints, often visible through the computer code they use, or the command and control computers that they use to route their malicious software through.

U.S. government officials have been reluctant to tie the attacks directly back to the Chinese government, but analysts and officials quietly say that they have tracked enough intrusions to specific locations to be confident they are linked to Beijing – either the government or the military. And, they add that they can sometimes glean who benefited from a particular stolen technology.

One of the analysts said investigations show that the dozen or so Chinese teams appear to get “taskings”, or orders, to go after specific technologies or companies within a particular industry. At times, two or more of the teams appear to get the same shopping list, and compete to be the first to get it, or the one with the greatest haul.

Analysts and U.S. officials agree that a majority of the cyberattacks seeking intellectual property or other sensitive or classified data are done by China-based hackers. While much of the cyberattacks stealing credit card or financial information come from Eastern Europe or Russia.

According to experts, the malicious software or high-tech tools used by the Chinese haven’t gotten much more sophisticated in recent years. But the threat is persistent, often burying malware deep in computer networks so it can be used again and again over the course of several months or even years.

The tools include malware that can record keystrokes, steal and decrypt passwords, and copy and compress data so it can be transferred back to the attacker’s computer. The malware can then delete itself or disappear until needed again.

Several specific attacks linked to China include:
  1. Two sophisticated attacks against Google’s systems that stole some of the Internet giant’s intellectual property and broke into the Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists.
  2. Last year computer security firm Mandiant reported that data was stolen from a Fortune 500 manufacturing company during business negotiations when the company was trying to buy a Chinese company.
  3. Earlier this year, McAfee traced an intrusion to an Internet protocol address in China and said intruders took data from global oil, energy and petrochemical companies.
For the first time, U.S. intelligence officials called out China and Russia last month, saying they are systematically stealing American high-tech data for their own economic gain. The unusually forceful public report seemed to signal a new, more vocal U.S. government campaign against the cyberattacks.

The next step, said Cartwright, must be a full-throated U.S. policy that makes it clear how the U.S. will deal with cyberattacks, including the attackers as well as the nations the attacks are routed through. Once an attack is detected, he said the U.S. should first go through the State Department to ask the country to stop the attack. If the country refuses, he said, the U.S. will have the right to stop the computer server from sending the attack by whatever means possible while still avoiding any collateral damage.

Source :
Share this article :

+ comments + 7 comments

1 November 2013 at 02:33

headsof to the chinese people..bcose having a unique mind...

Thanks Unknown for comments on A few Chinese hacker teams do most US data theft
20 February 2014 at 13:49

thẩm mỹ viện

Thanks Anonymous for comments on A few Chinese hacker teams do most US data theft
24 March 2017 at 15:54

lúc gặp bắt buộc căn bệnh dày sừng nang lông thường mọi người sẽ tương đối hoang mang cũng như đặt ra không ít thắc mắc xoay quanh căn bệnh này. Ngay dưới đây là một số thắc mắc thường gặp về dày sừng nang lông mà mọi người có thể tham khảo để có một số cái nhìn đúng đắn nhất về bệnh và biết cách phòng khám da liễu ở Bến Tre hiệu quả nhất có thể. bệnh dày sừng nang lông là căn bệnh xảy ra ở ngoài da do sự rối loạn sản sinh tế bào dưới da, tăng tạo nút tại phễu nang lông dẫn đến tổn thương tại nang lông cũng như biểu hiện bằng một vài dấu hiệu bệnh viện da liễu ở Quận 9 cơ bản như: ngứa da, tắc nghẽn tuyến bài tiết dẫn đến viêm nang lông, những nang lông sẽ bí lại hoặc một số bã chất nhờn bị ứ đọng gây ra da sằn bệnh lí sùi, có đầu trắng, sưng đỏ

Thanks Unknown for comments on A few Chinese hacker teams do most US data theft
5 June 2020 at 14:42

Klokka er designet og funksjonelt edru og elegant.salg kopi eksklusive klokker Kvaliteten er relativt perfekt. Dette er første gang jeg kjøpte en kopi klokke. Denne klokken er veldig overraskende for meg. Fargen er veldig lav nøkkel,copia orologi accessoires ser veldig dame, ga kjæresten en, kjæresten har alltid rost dette klokken foran meg, hun er veldig glad.

Thanks csyan for comments on A few Chinese hacker teams do most US data theft
25 October 2021 at 17:17

My partner and i condiment the actual meliorates that will astonishingly stunned myself this envelop associated with fashion should be more than from the stock options fold in addition in the same way seeks the knowledge an individual bum! Cambodian Magic Mushrooms

Thanks Maariah for comments on A few Chinese hacker teams do most US data theft

Post a Comment