The military of China is spying because they can and
it provides the one rationale for their own existence and careers. Worse, they have unlimited resources to spend
on this and they behave accordingly. A
large number of established businesses have abruptly lost markets over the past
decade at simply too fast a pace for it to be any sort of natural.
The good news is that the cyber part of the equation
is about to be slammed shut by a completely new protocol. That leaves the old ways of turning employees
and this is far slower and generally easier to defend against, the more so now
that the full weight of Chinese commercial aggression is understood.
The second solution of course is to use this over
the top aggression as an excuse to shift all vulnerable work directly over to
India to execute. Their manning levels
are now sufficient to quickly overtake apparent Chinese advantages.
What needs to be understood is that every Chinese
student gets a pretty clear pitch about Mother China before he leaves overseas
on his scholarship. Those that fail to
cooperate are still generally tolerated simply because so many individuals are
involved anyway. Of course, plenty
simply quietly settle in the West. All
would continue to be treated as potential moles simply because everyone’s first
loyalty is to his childhood and the doctrine imbued.
Thus this is no surprise at all. We would have done the same.
Fighting China’s
Military a Daily Task for US Companies
Last Updated: January 14, 2014 7:08 am
Economic espionage is
the dirty underbelly of globalization. Nation-states—particularly China—steal
intellectual property from U.S. companies at an extraordinary pace. And they
don’t just use computer hacking to
do so: insider spies plant hidden audio devices in light switches, or
retrofit smoke detectors with audio and video feeds.
The idea that businesses need to fend off
attacks from heavily equipped nation-states makes it “An unfair game … not a
balanced fight,” said Michael Oberlaender, the principal security strategist
Cisco Systems in the United States.
The focus has thus shifted from outright
prevention to mitigation. The joke that’s often told to portray this concept is
of two men camping in the woods, one sleeps with his shoes on in case he “needs
to run from a bear.” His friend tells him he can’t outrun a bear. He looks at
his friend and says, “I don’t need to outrun the bear. I just need to outrun
you.”
While cyberespionage is becoming more prominent,
“there are also cases where they’ll infiltrate your company with internal
spies,” said Oberlaender in a telephone interview from his home in Texas.
Oberlaender is also the former chief security officer of German telecom Kabel
Deutschland.
Raising
the Costs
The tough reality is
that no matter the precautions in place, not all attacks can be stopped—even
for some of the most critical services. According to a 2012
survey of 172 critical infrastructure
organizations by the Ponemon Institute and Bloomberg, companies would have to
double their Internet Technology (IT) security spending from $5.3 billion to
stop just 84 percent of attacks.
“You don’t have the resources that a
nation-state has,” Oberlaender said. He said his focus is on raising the bar as
high as possible, so it becomes a numbers game for any would-be attackers. They
then need to decide whether his company is worth the time and effort, or if it
makes more sense just finding another target.
He said that most of the cyberattacks he has
seen were traced back to Chinese, Russian, and Eastern European Internet
protocol (IP) addresses.
Due to the opaque nature of cyberattacks—one of
its key advantages for espionage—it is nearly impossible to find definite proof
of an attack’s origin.
Cybersecurity company
Mandiant, however, was able to trace attacks back to the
Chinese military’s Unit 61398. The discovery was a double-edged sword. On one
side, it gave the U.S. government a strong resource to call out the Chinese
regime for its campaigns of economic espionage. On the other side, the prospect
for companies of facing a foreign military rather than just a well-organized
group of hackers only painted a grimmer picture.
Large companies are required by law to report
security breaches when they occur, and U.S. federal agencies also help alert
them of attacks. The U.S. Secret Service was also assigned through the 2001
Patriot Act to reach out to companies and help secure their networks.
Deterring
China
There are proposals, however, for more direct
solutions to stop China’s state-run campaigns of economic espionage.
The U.S.–China Economic
and Security Review Commission gave several proposals in its 2013 report to Congress.
They range from banning imports from Chinese companies with products made from
stolen U.S. intellectual property, to preventing offending companies from using
U.S. banks, to making it easier for U.S. companies to file international
lawsuits against China.
Other proposals take a
more militaristic route. One would allow businesses to “conduct offensive
cyber operations in
retaliation against intrusions into their networks,” which range from taking
back what was stolen to “physically disabling or destroying the hacker’s own
computer or network.”
There are also
supporters of legalizing counter-cyberattacks. Oberlaender said he finds the
idea frightening. “It doesn’t bring you any positive business at the end of
the day,”
he said. “You don’t become a burglar just because you got robbed. Leave the
attack response to those agencies that have the resources for that.”
Counterintelligence
Companies face a dilemma. They are being
attacked on a daily basis, and they have little power to chase down the
thieves. Meanwhile, as businesses they’re trying to make money from their
products and services—not from fighting off foreign militaries and spy
networks.
This is where experts like Casey Fleming come
into play. Fleming is CEO of BlackOps Partners Corporation, which does
counterintelligence and protection of trade secrets for Fortune 500 companies.
Fleming’s line of work places him on the
frontline of a new kind of battlefield. He and his team regularly get called in
to uproot any forms of espionage being deployed against businesses, ranging
from backdoors to allow hackers on their computers to compromised employees
causing trouble from the inside.
“We’ve seen it all,” he said in a telephone
interview.
In some companies, his team found devices to
record audio hidden inside the light switches of conference rooms—where
information is summarized. In several companies, they found copy machines and
conference speakerphones that were refitted with “new” parts: “inside them was
recording technology, sending the information from the copier to China.”
In one of the more bizarre cases, they found a
Chinese spy was retrofitting smoke detectors in a building and fitting them
with video and audio feeds. “They tapped into the Internet connection above the
ceiling panels,” Fleming said. “Nobody could know. Nobody would ever know.”
Despite the buzz around cyberattacks and digital
espionage, Fleming and many others with direct knowledge of global espionage
said that cyber is a comparatively lesser threat when compared to conventional
“insider” spies.
“Cyber is just the canary. Immediately
addressing the human element is paramount,” according to former CIA director of
Office of Central Cover and BlackOps Board member, Eric Qualkenbush.
• 1. 141 since 2006:
Businesses and government agencies targeted by China’s cybermilitary Unit 61398
• 2. $13 billion to $500 billion a year: Estimated cost of economic espionage against the United States (Source: FBI, BlackOps Partners, Office of the National Counterintelligence Executive)
• 3. $300 billion to $1 trillion a year: estimated cost of global cyberattack (Souce: McAfee and the Center for Strategic and International Studies )
• 4. 96%: Cyberintrusions carried out by state-affiliated actors from China (Source: Verizon RISK Team, Data Breach Investigations Report )
Insider
Threat
For foreign governments there are strong
benefits to having insiders rather than hackers who merely have access to
compromised computers. Hackers suffer from tunnel vision, and are limited to
whatever network they’re on. Insiders have 24/7 access to the company, and can
also infect networks, hard copy information, and compromise other employees
directly.
With Chinese spies, acts of actual espionage are
usually carried out not by official spies, but rather by individuals recruited
by trained spies. The trained spies, typically working as “agents of
influence,” often try to draw little incriminating evidence against themselves,
and instead focus on recruiting or “compromising” targeted people.
With all the elaborate tricks aside,
old-fashioned bribery and blackmail are still very common. There are four
defining motives for someone to conduct espionage: money, ideology, coercion,
and ego (MICE). According to Fleming, Chinese agents have well-developed
methods to target people based on these motives, based on four weaknesses in
character: fame, profit, lust, and anger.
If a person is angry at an employer, or feels
underappreciated, a Chinese spy will feed that person’s ego, praising their
work and showing deep interest in their skills. A lustful person may be coerced
by women then blackmailed with a scandal. Scholars and politicians will often
be invited to China and enjoy the company of friendly, well-educated people who
will then try to defame America and defend their own communist ideology. People
interested in profit may get business offers and have money laundered to them
by discounts in international shipments.
“Americans participate in an open society. They
love bragging when they lead innovation, and they become a huge target when
they do,” Fleming said.
‘Pawns’
Fleming referenced a training video typically
given by the FBI on Chinese espionage. The video, “Game of Pawns: True Story of
a Student Traveling Abroad,” tells the story of Glenn Duffie Shriver, who was a
U.S. student at Grand Valley State University in Michigan.
Shriver was coerced into working as a spy for
the Chinese regime in 2004 while he was studying abroad in Shanghai. They
started by asking him to write papers, praised him for his work, paid him, and
slowly brought him closer. Shriver was caught when his Chinese controllers
tried getting him to join the CIA and he failed a lie detector test.
He was arrested while trying to flee to China and was sentenced to four years
in prison.
Fleming said in his own work, he has encountered
students who they found had been recruited to spy for China. He said, “We’ve
seen where students came in who were Chinese nationals or were compromised U.S.
citizens, extorted to be in the company.”
The core problem, according to Fleming, is that
most Americans aren’t aware of the threats of espionage or the unwanted
interest their work gathers abroad.
“Corporate America has been acting like we’re
still in Mayberry,” he said. “We’ve been the technology innovators, we’ve been
the innovative leaders, and we’ve never had a security practice and a security
policy in place to protect our innovation and trade secrets, and therefore our
competitive advantage.”
Under the current situation, he said, “If you
want to steal trade secrets from U.S. companies, unfortunately, we’re wide open
for business.”
Fleming states we live in a digitally advanced
world, and that businesses can no longer be only reactive in dealing with economic
espionage. He said, “Companies today have evolved through a reactive-only
posture, and for companies to properly combat this evolving threat, they must
adopt a proactive strategy or at the very least, a hybrid strategy.”
No comments:
Post a Comment