Defense News
11/06/2011
Chinese
Cyber-Espionage Growing: U.S. Report
By WENDELL MINNICK
TAIPEI - A new U.S.
intelligence report declares the most active and persistent perpetrator of
economic espionage is China.
The report, issued by
the U.S. Office of the National Counterintelligence Executive (ONCIX), draws on
the inputs and reporting from more than a dozen U.S. law enforcement and
intelligence collection bodies, including the CIA, FBI, DIA and NSA.
China views economic
espionage as an "essential tool in achieving national security and
economic prosperity," the report said.
The report -
"Foreign Spies Stealing U.S. Economic Secrets in Cyberspace: Report to
Congress on Foreign Economic Collection and Industrial Espionage,
2009-2011" - indicates the U.S. intelligence community judges the use of
cyber tools is now a greater threat than more traditional espionage methods.
A recent Chinese
espionage case in the U.S. contrasts the shift from traditional espionage
tradecraft to today's cyber espionage techniques. Dongfan Chung, a former
Boeing and Rockwell engineer who had worked on the B-1 bomber and space
shuttle, was sentenced by a U.S. Federal Court in 2010 to 15 years for having
250,000 pages of sensitive documents in his home.
"This is
suggestive of the volume of information Chung could have passed to his handlers
between 1979 to 2006," the report said.
The logistics of
handling the physical volume of so many documents, equal to "four 4-drawer
filing cabinets," are staggering. However, according to the report, today
the information could have easily fit onto a compact disc or transferred via
e-mail. "Cyberspace makes possible the near instantaneous transfer of
enormous quantities of economic and other information."
The costs of cyber
espionage on commercial U.S. business are high.
■ Between 2008 and
2009 an employee of Valspar Corporation, David Yen Lee, downloaded proprietary
paint formulas valued at $20 million with the intent of selling it to China.
■ Meng Hong, a Dupont
Corporation research chemist, downloaded proprietary information on organic
light-emitting diodes in 2009 with the intent of transferring the data to a
Chinese university.
■ Yu Xiang Dong, a
product engineer with Ford Motor Company, copied 4,000 Ford documents onto an
external hard drive in 2009 with the intent of transferring the data to an
automotive company in China.
China's intelligence
services seek to "exploit" Chinese citizens or persons with family
ties to China to recruit. Of the seven cases that were adjudicated under the
Economic Espionage Act in 2010, six involved a link to China.
U.S. corporations and
cyber security specialists have reported an "onslaught" of computer
network intrusions originating from China. "Some of these reports have
alleged a Chinese corporate or government sponsor of the activity," but
the U.S. intelligence community has not been able to confirm these reports.
In a study released
in February, McAfee attributed an intrusion attempt they labeled "Night
Dragon" to a Chinese Internet Protocol (IP) address and indicated the
intruders stole data from the computer systems of petrochemical companies.
In January 2010,
VeriSign iDefense identified the Chinese government as the sponsor of
intrusions into Google's networks.
MANDIANT, a cyber
security company, reported in 2010 that information was pilfered from the
corporate networks of a U.S. Fortune 500 company during business negotiations
in which the company was looking to acquire a Chinese firm.
The report states
that China is driven by its longstanding policy of "catching up fast and
surpassing" the Western powers. "An emblematic program in this drive
is Project 863, which provides funding and guidance for efforts to
clandestinely acquire U.S. technology and sensitive economic information."
Project 863 lists the development of "key technologies for the
construction of China's information infrastructure."
In terms of military
technology, China is focusing on two areas: marine systems designed to
jump-start the development of a blue-water navy, and aerospace systems that
will allow China's air force to develop air supremacy.
The U.S. is not the
only victim of Chinese cyber espionage, according to the report. South Korea
claims that in 2008 the country lost $82 billion in proprietary information
from Chinese and other hackers. Japan's Ministry of Economic, Trade and
Industry (METI) conducted a survey of 625 manufacturing firms in 2007 and found
that more than 35 percent reported some form of technology loss and more than
60 percent of those leaks involved China.
Since late 2010,
hackers have accessed more than 150 computers at France's Finance Ministry,
exfiltrating and redirecting documents relating to the French G20 presidency to
Chinese sites.
The British Security
Service's Centre for the Protection of National Infrastructure warned hundreds
of business leaders in 2010 of Chinese economic espionage practices, including
the giving of gifts of cameras and memory sticks equipped with cyber implants
at trade fairs and exhibitions.
German officials also
noted that business travelers' laptops are often stolen during trips to China.
"The Germans in 2009 highlighted an insider case in which a Chinese
citizen downloaded highly sensitive product data from the unidentified German
company where he worked to 170 CDs," the report says.
China always denies
reports of being involved in cyber espionage and often responds with
counteraccusations.
No comments:
Post a Comment