The Chinese seem to be able to hack most any business but that is only part of their capability to get the results they want in the Information War we are in with them. They have been equally adept at making those hacking accusations go away. These are some examples:
1. Leading up to the May talks between The U.S. and China leaders, there have been a flurry of stories portraying China as a victim of attacks, but not a country that does them. A Chinese Defense official says we "insult the intelligence" of the Chinese people by inferring they need to steal secrets to get ahead in the world, and a spokesman for the Chinese Academy of Sciences Institute and Computing Technology (ASICT) said Chinese hackers “were not smart enough to steal data from U.S. businesses”. They need to get their stories straight, but the idea of denial by diffusion is a popular tactic being used.
2. Two longer private studies [Shadows in the Cloud, Information Warfare Monitor & Shadowserver Foundation, April 6, 2010] , were published a year apart. In the first report, they said they were not so sure that China itself was involved and that Internet hacking from China could be duet to a 1000% increase in Chinese users over the last 8 years. In their April 2010, analysis, they had much more on how information was being stolen, what it was, and where it was going. The target was the Dalai Lama. The information being stolen was coming from Indian embassies in Belgium, Serbia, Germany, Italy, Kuwait, the United States, Zimbabwe, and the High Commissions of India in Cyprus and the U.S. How many hackers have an interest in the private letters of the Dalai Lama? China denies doing any such thing, but they are the only ones that benefit from knowing what the Dalai Lama is going to do next.
3. The CEO of RSA, on NBC's Squakbox, recently said "Nobody ever told us who hacked us", when everything I read, especially from http://www.secureworks.com/cyber-threat-intelligence/threats/htran/
certainly indicates the origins of the attack were from China. A SANS report[i] says somebody emulated enough information in an RSA token to get into Lockheed, and Lockheed says they got in using a token, without saying who’s token it was. [ii] Who really hacked RSA?
4. Last month, the Defense Science Board released a report on Chinese hacking saying they had successfully gotten proprietary information related to a number of advanced weapons systems in U.S. industries [see http://articles.washingtonpost.com/2013-05-27/world/39554997_1_u-s-missile-defenses-weapons-combat-aircraft] None of the defense industries will comment on the attacks, nor say whether their systems had been breached. How did the Chinese get the weapons information?
It seems that our passion for secrecy has allowed us to keep the extent and locations of China's hacking, the scope of it, and what needs to be done to stop it, from making a permanent impression on the public. Are we forgetting who is hacking us?
[i]
Johannes Ullrich, Lockheed Martin
and RSA Tokens, 30 May 2011 https://isc.sans.edu/diary/Lockheed+Martin+and+RSA+Tokens/10939
[ii] Christopher
Drew, Stolen Data is Tracked to Hacking at Lockheed, New York Times, 3 June,
2011, http://www.nytimes.com/2011/06/04/technology/04security.html?_r=0
