Chinese Hacking: War in the Wires

The Chinese have not just started hacking the U.S. when they tried to determine sources for the New York Times and Wall Street Journal series of articles.  They have been doing it for a long, long time.

The most interesting report on how the Chinese hack their targets is in Shadows in the Cloud:  Investigating Cyber Espionage 2.0, at http://shadows-in-the-cloud.net.  This report by the Information Warfare Monitor and Shadowserver Foundation shows the fabric of embassies and consulates hacked by the Chinese.  It is already 3 years old, but it traces their involvement in trying to find out the workings of Ghostnet, the network used in the attacks.  The report follows Chinese efforts to obtain plans and internal letters of the Dalai Lama.  Since this is a guy who never hurt anyone and is certainly not an enemy of China, we have to wonder why they would go to such ends to get almost 1500 of his personal letters, hacking the embassies of both India and Pakistan in the U.S.  (among the many others in 36 countries).

They do it for the same reasons they hacked the campaigns of President Obama and Senator McCain, because they want to know plans and strategies of the people around a leader.  They will influence those who are in a position to influence the persons involved.  They want to know why people do what they do, and who influences them to move in one direction or another.  They don't just hack to steal software from a vendor or military secrets from a defense contractor.  They want to know why the software is made the way it is, the strategy for selling and marketing it, and the next steps the vendor is anticipating.  If they are going to compete, and win, they need that type of information about a lot of different companies, and they are certainly working hard to get it.  We don't have many secrets from the Chinese.

Our national strategy does not allow us to do the same thing the Chinese are doing to us.  If our Intelligence Agencies find something out about where the Chinese are going to market their new network equipment or the bribes they paid to those Afghan workers to get a contract, we cannot pass it along to the contractors competing against them.  We play with both hands tied behind our back, and the Chinese know it.  We need to think about this a little bit.  We need to think about whether it is enough to give businesses information about who is hacking them and what they can do about it.  We have been doing that for 10 years and it doesn't help.  We need to tell them why they are being hacked and how that information is being used.  Two things come from that:  (1) they will protect their information better than they do now and (2) they can use that information to adjust their strategies to compete with the insider information being collected from them.