- House and Senate negotiators reach two-year budget deal
- Congress seeks ban on in-flight calls
- Michelle Malkin’s Twitchy site sold to owners of Townhall, HotAir: report
- GM’s Barra to be first woman to run top American carmaker
- China: Poisonous smog is a military asset, if you think about it
- Texas woman admits to sending ricin to Obama
- Ron Paul on son Rand: ‘I think he probably will’ run for president
- Cold War heats up again in the Arctic: Russian airfield reactivated after 20 years
- 6-year-old boy suspended for sexual harassment over kiss
- Voters deciding Mass. congressional contest
Cyber-attack on U.S. firms, Google traced to Chinese
Mr. Kurtz said the “magic” behind the attack is that most computer users thought they were protected by firewalls, but in Aurora “the bad guys don’t actually break through your firewall.”
“Your PC will actually go out and make that connection, and that’s how they control your PC from inside the company,” he said.
Gary Elliott, a Virginia-based information assurance and cyberwarfare specialist, said the techniques and methods used for the cyber-attack convinced him that the most likely source was either China’s intelligence services or its military. He said China was known to have at least 2,000 cyberwarriors working on defensive and offensive operations several years ago.
“The very high level of hacker sophistication in these exploits, along with the 30 or so very well-thought-out and coordinated attacks against American companies, leads me to believe that there are very few places in the world that are capable of performing this type of cyberwarfare,” Mr. Elliott said. “There was a large government military or intelligence agency behind this.”
Mr. Elliott said operations like Aurora take months or even years to plan and require mapping technical infrastructures of the targeted companies, a capability the Russian mafia, which is known to be a formidable nongovernment cyberthreat, could not perform.
A report on Chinese cyber-operations by the congressional U.S.-China Economic and Security Review Commission made public in October said China is using attacks similar to the one carried out against Google.
“China is likely using its maturing computer network exploitation capability to support intelligence collection against the U.S. government and industry by conducting a long-term, sophisticated, computer network exploitation campaign,” the report said.
Cyber-attacks used by the Chinese are “characterized by disciplined, standardized operations, sophisticated techniques, access to high-end software development resources, a deep knowledge of the targeted networks, and an ability to sustain activities inside targeted networks, sometimes over a period of months,” the report said.
Mr. Elliott also said the reported links by Internet Protocol addresses to Shanghai Jiaotong University have raised the question in computer security circles about whether the attack involved the work of a notorious Chinese hacker named Peng Yinan, who operated independently in the early 2000s and then went to work for the Shanghai Public Security Bureau, one unit of China’s internal political police.
“Peng Yinan works for the Shanghai Public Security Bureau and teaches at the Chen Ruiqiu building, located on the Jiaotong University campus,” he said.
Mr. Elliott said Mr. Peng has been linked to Chinese-origin hacker attacks that coincided with the April 2001 incident of a Chinese F-8 fighter colliding with a U.S. EP-3 surveillance aircraft off China’s coast.
Mr. Kurtz said attributing the attacks to China or Chinese-based hackers is difficult outside government circles. But based on the methods used, there is little doubt a major cyberpower was behind it.
“If you look at the countries capable of launching these sort of offensive initiatives, China is certainly one of them,” he said.
The Internet Explorer flaw likely was discovered more than a year ago and was the first step of what began last summer as a series of computer attacks on 20 to 30 high-tech firms.
Mr. Kurtz said the attack was a watershed because it involved an apparent government-sponsored attack on a commercial entity, namely Google, and the company’s decision to risk going public. Past sophisticated attacks were normally carried out by government against other governments or contractors.
About the Author
Bill Gertz is a national security columnist for The Washington Times and senior editor at The Washington Free Beacon (www.freebeacon.com). He has been with The Times since 1985.
He is the author of six books, four of them national best-sellers. His latest book, “The Failure Factory,” on government bureaucracy and national security, was published in September 2008.
- Inside the Ring: China targeting U.S. spy flights amid escalating tensions
- Inside the Ring: Tensions high during Joe Biden's Beijing visit
- Inside the Ring: U.S. funds China's nuclear security
- Inside the Ring: Danger of China conflict grows
- Inside the Ring: North Korean missiles deemed a serious threat to U.S.
By Donald Lambro
Growth spikes are little more than trend-free anomalies
- Obama takes 'selfie' at Mandela's funeral service
- Harry Reid's visa pressure cooker
- Somber duty: U.S. presidents in hot demand at Mandela's memorial
- American bourbon now better than Scottish whiskey: U.K.-born expert
- Chinese man fed up with his girlfriend's shopping jumps to his death
- CARSON: Why did the founders give us the Second Amendment?
- Israeli P.M. Benjamin Netanyahu backs out of Nelson Mandela funeral
- Galaxy S4 owner claims Samsung tried to silence him after phone caught fire
- FITTON: A closer look at the Benghazi lie
- Obama lied about Syrian chemical attack, 'cherry-picked' intelligence: report
Independent voices from the The Washington Times Communities
A column dedicated to discussing politics, national security, civil liberties, and education.
Criticism may not be agreeable, but it is necessary. It fulfills the same function as pain in the human body. It calls attention to an unhealthy state of things.
The “Silver Tsunami” created by aging Baby Boomers is hitting America. Let’s explore how we adjust to it, enjoy it and defy negative expectations about age.
Find the latest news and happening that effect those in the Washington D.C., Northern Virginia and Maryland Metro region.
White House pets gone wild!
Let it snow