Chinese Cyberspying and Intellectual Property Theft

October 23, 2009
New “Cyber Warfare” Report Includes Information on Chinese Cyberspying and Intellectual Property Theft.

Siobhan Gorman of the Wall Street Journal put the recently released “US-China Economic and Security Review Commission Report” in context for corporate organizations.
Attacks like that cited in the report hew closely to a blueprint frequently used by Chinese cyberspies, who in total steal $40 billion to $50 billion in intellectual property from U.S. organizations each year, according to U.S. intelligence agency estimates provided by a person familiar with them.”

Modern-day espionage doesn’t involve cloak and dagger anymore,” said Tom Kellermann, a vice president at Core Security Technologies, a cybersecurity company. “It’s all electronic.”.

China is among more than 100 countries that have the capability to conduct cyberspying operations.
He went on to highlight an an incident in 2007 where Chinese:
…”cyberspies did extensive reconnaissance, identifying which employee computer accounts they wanted to hijack and which files they wanted to steal. They obtained credentials for dozens of employee accounts, which they accessed nearly 150 times.
The cyberspies then reached into the company’s networks using the same type of program help-desk administrators use to remotely access computers.
The 88-page report is not directly aimed at financial services security professionals, but it provides what appears to be credible information about Chinese cyber-attack capabilities and activities.  It points out that China is not alone in its efforts to build and exercise cyber-attack capabilities — this is not only a “China” issue.  The findings in this report, though, should be considered as we continue updating our risk management plans, especially as we host more of our business in China or in partnership with Chinese operations.
From the report:
“The PLA is reaching out across a wide swath of Chinese civilian sector to meet the intensive personnel requirements necessary to support its burgeoning IW capabilities, incorporating people with specialized skills from commercial industry, academia, and possibly select elements of China’s hacker community.”
“China is likely using its maturing computer network exploitation capability to support intelligence collection against the US Government and industry by conducting a long term, sophisticated, computer network exploitation campaign. The problem is characterized by disciplined, standardized operations, sophisticated techniques, access to high-end software development resources, a deep knowledge of the targeted networks, and an ability to sustain activities inside targeted networks, sometimes over a period of months.”
There is “increasing evidence that the intruders are turning to Chinese “black hat” programmers (i.e. individuals who support illegal hacking activities) for customized tools that exploit vulnerabilities in software that vendors have not yet discovered.”
It is an interesting read.  How can we get a read on Chinese culture as it pertains to our risk management analysis?  How will this figure into your risk management planning as your corporation expands its operations into China?  How will this figure into your risk management planning as Chinese businesses expand their operations into your market or even your corporation?
“China Expands Cyberspying in U.S., Report Says.” By Siobhan Gorman, Wall Street Journal, OCTOBER 23, 2009
“US-China Economic and Security Review Commission Report on the Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation.” By Principal Author Bryan Krekel, and Subject Matter Experts George Bakos and Christopher Barnett.  October 9, 2009 or
Announcement by the USC US-China Institute:

%d bloggers like this: