Washington: Cyber attacks on Google and other firms are part of a shadowy campaign in cyberspace being waged by China and other nations that goes largely undetected, according to cyber security experts and analysts.
“China is not the only place to engage in this kind of espionage, but they are certainly busy,” said James Lewis, a cyber security expert at the Center for Strategic and International Studies (CSIS) here. “They’re probably the biggest actors when it comes to economic espionage,” Lewis said, and the hacking of Google and other firms “fits in with all the complaints you’ve heard about intellectual property and piracy”.
Web security firm McAfee said in its Virtual Criminology Report released in November that China, France, Israel, Russia and the US were among the countries which have developed “advanced offensive cyber capabilities”.
“China’s at the top of the list,” Dmitri Alperovitch, vice-president of threat research for McAfee, said. “They have great focus on espionage activities and penetration of organizations,” he said. “They’ve been very successful in penetrating the US government in a variety of ways in recent years and exfiltrating valuable classified data about ongoing military operations, military hardware specs, that sort of thing.”
While stressing McAfee had “no proof” the Chinese government was directly behind the attack on Google, Alperovitch said “there are indications though that a nation-state is behind it”.
Concern mounts: People at an Internet cafe in Fuyang, China. The country is said to be one of the biggest players when it comes to economic espionage. AP
“It fits the pattern of a very sophisticated cyber espionage programme that’s been under way for years,” said CSIS’ Lewis, that involves “more than just the Chinese government”. “There’s probably a centrally directed programme, an espionage programme,” he said. “But there’s other people who do it as freelancers, or companies do it, or ministries do it.”
Ronald Deibert, director of Citizen Lab at the Munk Center for International Studies at the University of Toronto, agreed that China-based hackers are by no means the only ones probing the computer networks of business and political rivals around the world.
“It’s not just China that’s doing it although China’s very aggressive,” said Deibert, an author of the GhostNet report, which uncovered a China-based network that had compromised 1,295 computers in 103 countries including those of the Tibetan spiritual leader, the Dalai Lama. “Espionage attacks we’ve seen, that seem to come from mainland China are consistent with China’s strategic doctrine in this area and also consistent with what a lot of other countries are proposing to do in this area,” he said. “For example, if you look at the US, the director of national intelligence, Dennis Blair, said that we need to be more aggressive stealing other countries’ secrets.” “In (US President Barack) Obama’s cyber security review, among the things that were underlined was the need to develop operational capabilities to fight and win wars in cyberspace including cyber espionage attacks of this sort.”
Web security experts and analysts said it is almost impossible to prove who is behind a particular cyber attack and noted that firms rarely come forward and admit they have been targeted.
“We’ve conducted a three-year research project on surveillance and one of the things we’ve learned is how absolutely very difficult it is to study,” said Colin Maclay, managing director of the Berkman Center for Internet and Society at Harvard University.
“Google did us a favour by coming out of the closet,” said CSIS’ Lewis. “Most companies won’t do it.”
Only one other firm, Adobe, has acknowledged it was targeted in the attack which Google said originated from China.
While the probing of Google’s computer systems was “not unusual”, said Citizen Lab’s Deibert, what was extraordinary was their “public response”.