Intell report says China, Russia stealing US secrets
- By Kevin McCaney
- Nov 04, 2011
After years of suspicions and mounting evidence, the United States has formally called out China and Russia on cyber espionage, accusing the countries of stealing U.S. economic and technology secrets. China quickly denied the accusation.
In a report, “Foreign Spies Stealing U.S. Economic Secrets in Cyberspace,” the Office of the National Counterintelligence Executive also said U.S. allies have used online methods to help themselves to sensitive information, although the report does not name those countries.
“Chinese actors are the world’s most active and persistent perpetrators of economic espionage,” the report states. It contains a list of significant attacks that have been traced to servers in China, although it does say, “the [intelligence community] cannot confirm who was responsible.”
China puts itself in the cyber crosshairs – what now?
The smoking gun on China’s US cyberattacks
Russia also is active in cyber espionage, according to the report, which says that country’s “intelligence services are conducting a range of activities to collect economic information and technology from U.S. targets.”
A spokesman for the Chinese Foreign Ministry issued a denial, citing the difficulty of proving the source of online attacks and calling the reports “unprofessional and irresponsible,” Reuters reported.
The United States’ leadership in technology and economic development makes it a target, and the fact that information is stored and shared electronically creates the vector for online attacks, the report states. “Cyber tools have enhanced the economic espionage threat, and the Intelligence Community judges the use of such tools is already a larger threat than more traditional espionage methods,” it says.
At a news conference to release the report, Robert “Bear” Bryant, the national counterintelligence executive, called online spying “a quiet menace to our economy with notably big results,” The Washington Post reported. “Trade secrets developed over thousands of working hours by our brightest minds are stolen in a split second and transferred to our competitors.”
Those competitors also include U.S. allies and partners, the report says, which have used “their broad access to U.S. institutions to acquire sensitive U.S. economic and technology information, primarily through aggressive elicitation,” a reference to social engineering and phishing attacks.
“Other countries with closer ties to the United States have conducted [computer network exploitation] and other forms of intelligence collection to obtain U.S. economic and technology data, often taking advantage of the access they enjoy as allies or partners to collect sensitive military data and information on other programs,” the report states.
U.S. officials have long hinted at China’s apparently growing involvement in cyber espionage, but until very recently any specific accusations have come from outside the government.
Among some recent high-profile attacks, the report says, VeriSign iDefense accused the Chinese government of being behind a hack into Google’s networks; McAfee traced the theft of data from energy companies to an IP address in China; and a number of U.S. companies, particularly those doing business with China, have reported the thefts of sensitive information.
But in the last two weeks, a report to Congress cited China as the probable source of the hack earlier this year of RSA Security, and said 760 companies, government agencies and other organizations may have been hit by the same operation.
And a congressional commission said China may have been behind the hack several years ago of two U.S. Earth observation satellites.
The report also notes several insider thefts of corporate information by people with ties to China.
Attacks against U.S. business and government organizations will continue, as China, Russia and other countries focus on economic growth and the number of IP connections grows, the report concludes, while recommending a list of best practices for U.S. organizations, including improved education, monitoring and data management.
Kevin McCaney is a former editor of Defense Systems and GCN.