We have had several water-cooler conversations this week in the office regarding the ethics of those involved with the WikiLeaks releases.
Information obtained and distributed illegally certainly raises ethical questions. No doubt those responsible will see their day in court. Though we found many of the leaks disturbing, the one that relates most closely to MetalMiner readers involves the accusation that China’s Politburo has authorized hacking into US corporations’ systems as well as individuals and organizations involved in the support of the Dalai Lama.
Whereas we can’t speculate as to whether the breaches received state-sanctioned authorization, we have enough data to conclude that the Chinese have broken into, and continue to break into, the systems of major US corporations.
Consider the following data points. We know that two large US corporations, including one in the metals industry, are currently working with the FBI investigating cyber-security breaches conducted by the Chinese (we can’t release the names of the companies due to the on-going investigation).
We recently spoke with Chris Archinal who handles Energy Sector Sales for Critical Infrastructure for McAfee Inc., and he shared a few insights with us around APTs (Advanced Persistent Threats). APTs in the computer security community refer to “a sub-set of such threats, in a long-term pattern of targeted sophisticated hacking attacks aimed at governments, companies and political activists, and by extension, also to refer to the groups behind these attacks.”
The acronym APT also suggests several attributes of how these threats actually manifest themselves. According to Damballa, a company that also provides cyber-security solutions, the “A” in Advanced refers to how criminal operators use the “full spectrum of computer intrusion technologies and techniques.” The “P” in Persistent refers to criminal operators that prioritize a task and “monitor and interact to achieve the defined objective.” Finally, the “T” in Threat implies “a level of coordinated human involvement in the attack, rather than a mindless and automated piece of code.”
According to Archinal, 83 percent of companies in the US have been hacked. Many of those attacks come in the form of Personal Identification Information (PII) violations (think social security numbers and credit card information), but from his point of view, he sees plenty of nefarious activity surrounding the US power grid. Essentially, according to Archinal, “the Chinese are trying to hack into the power grid to take a blueprint of where and how energy feeds into key hospitals and 911 centers as examples.”
Besides the ongoing two-dozen-plus FBI investigations, our sources on the ground in China tell us the concerns here in the US have validity. For example, Paul Adkins of AZ China told us, “A girl that used to work for me went to the PLA University (she is a member of the Communist party and graduated as a Lieutenant from University). Her major was Internet Defense and Attack Strategies. The PLA is turning out specialists, as well as the regular universities. It’s not direct evidence that the government/party actively runs a hacking and attack strategy, but it’s a fair bet that they do.”
We also asked Paul about motive. He believes anti-US, anti-capitalism and anti-democracy feelings, especially amongst university students and young graduates, feed into the cycle: “It’s not a personal thing, but after decades and centuries of imperial servitude, many Chinese are un-trusting and suspicious of western values, attitudes and opinions. Add to that the generic education system that promotes Chinese values, history and outlook. Many people know nothing better.”
MetalMiner will continue to report on this story over the coming months.