U.S. Security Analysts: Chinese-Based Hacks Can Be Traced to 12 Gov’t-Backed Groups

WASHINGTON (AP) — As few as 12 different Chinese groups, largely backed or directed by the government there, commit the bulk of the China-based cyberattacks stealing critical data from U.S. companies and government agencies, according to U.S. cybersecurity analysts and experts.

The aggressive but stealthy attacks, which have stolen billions of dollars in intellectual property and data, often carry distinct signatures allowing U.S. officials to link them to certain hacker teams. Analysts say the U.S. often gives the attackers unique names or numbers, and at times can tell where the hackers are and even who they may be.

Sketched out by analysts who have worked with U.S. companies and the government on computer intrusions, the details illuminate recent claims by American intelligence officials about the escalating cyber threat emanating from China. And the widening expanse of targets, coupled with the expensive and sensitive technologies they are losing, is putting increased pressure on the U.S. to take a much harder stand against the communist giant.

It is largely impossible for the U.S. to prosecute hackers in China, since it requires reciprocal agreements between the two countries, and it is always difficult to provide ironclad proof that the hacking came from specific people.

Several analysts described the Chinese attacks, speaking on condition of anonymity because of the sensitivity of the investigations and to protect the privacy of clients. China has routinely rejected allegations of cyberspying and says it also is a target.

“Industry is already feeling that they are at war,” said James Cartwright, a retired Marine general and former vice chairman of the Joint Chiefs of Staff.

A recognized expert on cyber issues, Cartwright has come out strongly in favor of increased U.S. efforts to hold China and other countries accountable for the cyberattacks that come from within their borders.

“Right now we have the worst of worlds,” said Cartwright. “If you want to attack me you can do it all you want, because I can’t do anything about it. It’s risk-free, and you’re willing to take almost any risk to come after me.”

The U.S., he said, “needs to say, if you come after me, I’m going to find you, I’m going to do something about it. It will be proportional, but I’m going to do something … and if you’re hiding in a third country, I’m going to tell that country you’re there. If they don’t stop you from doing it, I’m going to come and get you.”

Cyber experts say companies are frustrated that the government isn’t doing enough to pressure China to stop the attacks or go after hackers in that country.

Much like during the Cold War with Russia, officials say the U.S. needs to make it clear that there will be repercussions for cyberattacks.

The government “needs to do more to increase the risk,” said Jon Ramsey, head of the counter threat unit at the Atlanta-based Dell SecureWorks, a computer security consulting company. “In the private sector we’re always on defense. We can’t do something about it, but someone has to. There is no deterrent not to attack the U.S.”

Cyberattacks originating in China have been a problem for years, but until a decade or so ago analysts said the probes focused mainly on the U.S. government – a generally acknowledged intelligence gathering activity similar to Americans and Russians spying on each other during the Cold War.

But in the last 10 to 15 years, the attacks have gradually broadened to target defense companies, then other critical industries, including energy and finance.

According to Ramsey and other cyber analysts, hackers in China have different digital fingerprints, often visible through the computer code they use, or the command and control computers that they use to move their malicious software.

U.S. government officials have been reluctant to tie the attacks directly back to the Chinese government, but analysts and officials quietly say they have tracked enough intrusions to specific locations to be confident they are linked to Beijing – either the government or the military. They add that they can sometimes glean who benefited from a particular stolen technology.

One of the analysts said investigations show that the dozen or so Chinese teams appear to get “taskings,” or orders, to go after specific technologies or companies within a particular industry. At times, two or more of the teams appear to get the same shopping list and compete to be the first to get them or to pull off the greatest haul.

Analysts and U.S. officials agree that a majority of the cyberattacks seeking intellectual property or other sensitive or classified data are done by China-based hackers. Many of the cyberattacks stealing credit card or financial information come from Eastern Europe or Russia.

According to experts, the malicious software or high-tech tools used by the Chinese haven’t gotten much more sophisticated in recent years. But the threat is persistent, often burying malware deep in computer networks so it can be used again and again over the course of several months or even years.

The tools include malware that can record keystrokes, steal and decrypt passwords, and copy and compress data so it can be transferred back to the attacker’s computer. The malware can then delete itself or disappear until needed again.

Several specific attacks linked to China include:

- Two sophisticated attacks against Google’s systems stole some of the Internet giant’s intellectual property and broke into the Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists.

- Last year, computer security firm Mandiant reported that data was stolen from a Fortune 500 manufacturing company during business negotiations when the company was trying to buy a Chinese company.

- Earlier this year, McAfee traced an intrusion to an Internet protocol address in China and said intruders took data from global oil, energy and petrochemical companies.

A Chinese Foreign Ministry spokesman, Liu Weimin, did not respond Monday to the specific allegations about government-supported cyber-attacks but said Internet security is an issue the world needs to address collectively. The international community should “prevent the Internet from becoming a new battlefield,” Liu said at a daily media briefing in Beijing.

For the first time, U.S. intelligence officials called out China and Russia last month, saying they are systematically stealing American high-tech data for their own economic gain. The unusually forceful public report seemed to signal a new, more vocal U.S. government campaign against the cyberattacks.

The next step, said Cartwright, must be a full-throated U.S. policy that makes it clear how the U.S. will deal with cyberattacks, including the attackers as well as the nations the attacks are routed through. Once an attack is detected, he said, the U.S. should first go through the State Department to ask the country to stop the attack. If the country refuses, he said, the U.S. will have the right to stop the computer server from sending the attack by whatever means possible while still avoiding any collateral damage.

Associated Press writer Alexa Olesen in Beijing contributed to this report.

Comments (29)

  • packsack54
    Posted on December 12, 2011 at 2:34pm

    Boy I wonder how that drone landed in Iran intact, would you think it should have had a self-destruct device in it? Or was it hacked into and landed?

    • chazman
      Posted on December 12, 2011 at 4:17pm

      @PACK

      Look, that damn drone thing is a lie. Why the hell are they covering the bottom of that ‘STYROFOAM MOCKUP’ so that the world can’t see it? Wouldn’t it be nice to see the ‘STYROFOAM MOCKUP’ supported by a landing gear? More important, consider the source: a pack of lyin’, Iranian muslim murderers who could never be trusted anyway! Come on people! Laugh about it! That damn thing is NOT AN AMERICAN DRONE!!

      @TERM

      Good laugh! Keep up the good work!

  • term limits for congress
    Posted on December 12, 2011 at 1:00pm

    1.) Stupid companies. Critical systems should not be on networks (or have interfaces) that are open to the WWW.

    2.) Hack back! Shut ‘em down! Wreck ‘em!

    3.) Plant formulas to create dylithium crystals and matter/anti-matter engines, which are actually formulas for the Chevy Volt.

    • Time2fixthismess
      Posted on December 12, 2011 at 1:27pm

      Totally agree!

      A very complicated and worthless blueprint to create a cold-fusion ray gun/laser might keep them busy for a while.

      The only way to offset this continual theft is to give them so much bad data, that looks realistic, that they spend more time analyzing than attacking; then of course, hack them back.

    • txn4justice
      Posted on December 12, 2011 at 6:47pm

      Agreed. Time to circle the wagons folks. The Chinese are attacking.

  • JEANNIEMAC
    Posted on December 12, 2011 at 11:59am

    We all know that Obama’s intent is to destroy our economy and have the USA become a vassal of the UN. We cannot expect him, Democrats or RINOs to help us. FEMA camps are being activated, a law was passed allowing the government to imprison citizens without warrant or fair trial. A National Guardsman was arrested for refusing to agree to fire on American citizens if ordered to do so.
    At this point, many citizens want to simply march on Washington, and throw the bums out. But, Obama would declare martial law and have many citizens killed or imprisoned. Why not simply pack up and move to Alaska? Once there, join the secessionist movement and secede from the union.
    All able bodied people would be expected to become proficient in the use of weapons, and be prepared for the common defense. The original Constitution could be adopted as the law of the land.
    The present governing setup of Alaska could stay in place, with a new election being held for a president and representatives of the various districts. It can be done. Alaska is the last frontier on the planet. If not now, when?

    • Shamrock241
      Posted on December 12, 2011 at 8:14pm

      I understand how you feel, but I would rather make a stand here in the lower 48 and remove this Socialist regime. If left unchallenged they will continue to gain strength and if they wanted to take control of Alaska again you could not stop them.

    • BORNINTOAWORLDATWAR
      Posted on December 13, 2011 at 2:36am

      Well first of all, for you to move to Alaska and be part of secession plan, you would have to work your way through all of us Alaskans.

      And we do not fear those from the lower 48, be ye friend or foe.

  • SweetDoug
    Posted on December 12, 2011 at 11:28am

    Tariffs.

    Simple as that. Start at 5% a month and keep it going until they squeak. It’ll hurt us, but you know what? We’ll buy our own crap or do without.

    When I’m hurting, I know they will be too, and that will make me feel better.

    •∆•
    V-V

    • JRook
      Posted on December 12, 2011 at 11:48am

      But yet they have favorite nation status and receive a rather one sided trade agreement with the US. As I have said before we have the best politicians money can buy on both sides of the aisle. No doubt some of them have price tags that are in $ and yen.

  • elkslayer
    Posted on December 12, 2011 at 9:43am

    Does this mean I’ll have to learn Chinese?

  • BpSitRep
    Posted on December 12, 2011 at 9:07am

    Now the next step is to PUBLICLY list/name every entity/group/person in China that is responsible for these attacks. Stating them anonymously in this article does nothing but waste time. Hold the PRC accountable, make the PRC defend those ‘named’ publicly….what we going to do next, change the invading army from Chinese to North Korean to appease the Chinese??!!

  • lukerw
    Posted on December 12, 2011 at 8:46am

    EMP em!

  • TheePolitinator
    Posted on December 12, 2011 at 8:37am

    Mark my words they mess with the internet and its gonna be US vs. Them. We have all had enough.

  • SamIamTwo
    Posted on December 12, 2011 at 8:37am

    Obama supported no doubt…after all it was his decision to let Iran have the high tech drone. It was his choice not to blow it up and not to go after it in the desert…Obama the facilitator of a portion of end times prophecy.

    In Revelations it states that an army of 200M will rise up (and at the time of the writing the population of the earth did not support such an army that size). Now which nation has more than 200M in their army? You got it.

  • tbeachhead
    Posted on December 12, 2011 at 8:35am

    It must be possible to hack ‘em back and shut them down. Their pages should be made public, and someone oughta be able to stream multiple copies of every speech Obama ever made…but then human rights watchdogs might start defending the hackers.

    • computernerd2352
      Posted on December 12, 2011 at 10:10am

      The problem is that the Air Force’s response is to keep key systems up and running and under US control. Your and my internet connections are not of key national importance. By the way they also have a philosophy of letting the systems that are not necessary fall into enemy hands!

  • Snowleopard {gallery of cat folks}
    Posted on December 12, 2011 at 8:34am

    Everyone yahoo search the link for a site called “Strategic Studies Institute” and read the short publication/download they have about China (Dec 1, 2011), within it is the latest information on opinion of China enforcing ‘civilian hackers’ to aid the CCP governing body to deal with cyber offensive attacks/raids/probes.

    This usage of such hack attacks in addition to military ones is a portion of what they still refer to as an updated “Peoples War” in which all provide the services for the greater needs of the country; and by force if necessary.

    With the way Mr Obama keeps bowing to the four dragons and the Tiger I fear we will either be just up and given into their hands by him; or face a real shooting war that he will immediately give up as an unconditional surrender to them in turn.

  • Detroit paperboy
    Posted on December 12, 2011 at 8:19am

    You mean to tell me China is not looking out for our best interests ???? COME ON …

  • KICKILLEGALSOUT
    Posted on December 12, 2011 at 8:18am

    Good blog to read I found that has some interesting articles on China.
    http://spkntruth.blogs.experienceproject.com/

    The Chinese are engaged in the largest espionage campaign in the world against us, what do our politicians and universities do? They can’t fly over to China fast enough to sign up record numbers of Chinese to come here and teach them everything we know and allow them to take full advantage of us and use us in any way we can benefit their rise and our fall. Record numbers of Chinese in our universities with 30% increases year on year. Made in China products have a stranglehold on our markets running hundreds of billions in trade deficits. Stealing our tech and then using it to compete against us. Chinese spies rampant across the US in our universities, corporations, military contractors and government, mass migration legally and illegally of Commie Chinese to this country which has allowed them to form sizable community and elect government officials that are Chinese government puppets. They are buying our politicians and learning how to lobby in our government with their huge sums of corrupt cash to get what they want and manipulate us. Most of the food on our shelves is from China and poisonous while we export our good food to them. They are already stealth buying land, businesses and resources within the US and steadily trying to migrate their people here to take over and ease their population concerns. Everything from China should be boycotted, their pro

    • Phantom II
      Posted on December 12, 2011 at 10:17am

      @Kickillegalsout. Don’t blame China. Blame, Democrats, progressives, liberals, Rinos, etc. We are about to elect one of 3 progressives as president. In less than a year, I may relinquish my citizenship. The destruction of America has been the goal of England and Europe since our independence. China does not wish to destroy us. ‘The Art of war’. Immigrants once came here to flee tyranny. As we weaken, they come here to take advantage of us. Since my service to my country in SE Asia, I have found it easier to do business in other countries. Our government has discouraged growth since the 60s. Americans are fleeing to other countries because of incentive and yes, freedom. Where there is capital flight, therein lies the future. It is an absolute pleasure to do business in China. The government is your partner. Beck claims that we are all going down and must prepare for the horrors that await us. I have no respect for this man. He has no education so he can’t disseminate the information he gathers. Never trust an alcoholic. He has another addiction, his own self importance which he confuses with guidance from God. I have plenty of optimism for the future, it’s just not in the US. As an aviator, I was trained to leave myself an out. When our folly has run its course, my children and my children’s children, who reside in China may return to pick up the spoils. China is not your enemy, my friend, it is fools that make someone like Obama or Gingrich our president. Take aim elsewhere, le

  • THE TRUTH SHALL MAKE YOU FREE
    Posted on December 12, 2011 at 8:14am

    More drumbeating by the nazis in charge…look beyond the story, they keep planting these farces for one reason, THEY WANT COMPLETE CONTROL OF THE INTERNET, and when they move in for the kill they will have the sheeple convinced it is for their “safety”.

  • watashbuddyfriend
    Posted on December 12, 2011 at 7:52am

    I missed the listing of the 12?

  • SpankDaMonkey
    Posted on December 12, 2011 at 7:49am

    .
    Ya’ll have to Hack? I thought Obama did the bend over, come on in special for Ya’ll?…………

  • recoveringneocon
    Posted on December 12, 2011 at 7:46am

    Shows that your banker (Slave Master) really isn’t your friend.

  • Your Name Here
    Posted on December 12, 2011 at 7:45am

    If we know that these hackers are Chinese and how much they’ve stolen then send them an itemized bill and deduct that from our loan payments to the Chinese.

    • LastAmerican
      Posted on December 12, 2011 at 8:14am

      Good one.

    • SamIamTwo
      Posted on December 12, 2011 at 8:40am

      Team O has no business folk that are smart enough to decrement the billing.

      Excellent thought though! Submit it to Team O and get a cash reward. hahaha

      His website has a suggestion area…I’ve used it countless times to no avail. LOL

