November 8, 2011: Britain has again gone public to report a higher number of Internet based attacks. The emphasis is now on economic assets. This includes technology and business plans. For example, the Foreign and Commonwealth Office was under heavy cyber-attack over the last few months, apparently in an effort to obtain secret details of government plans and techniques for supporting British exports. Government Internet security officials were making all this public to encourage British firms to increase their Internet security.
All this is nothing new. Last year Britain's domestic intelligence service, MI5, went public with numerous charges of Chinese Internet based espionage. MI5 accuses China of using both agents and hacker software, to obtain secrets from specific companies and government organizations. This approach has Chinese personnel approaching specific British businessmen at trade shows, and offering gifts, like a thumb drive loaded with hidden hacker software that will load itself on to the victim's PC and seek out valuable information. Internet based attacks, traced back to China, continue to send real looking email that has an attachment containing another of those stealthy hacker programs that seek out secrets, or even quietly take over the user's PC. Two years ago, MI-5 sent alerts to major corporations warning them of similar attacks and advising increased security of their data.
The U.S. Department of Defense believes that China has the most powerful Cyber War capabilities on the planet. That means the Chinese can shut down just about any site they target, and penetrate most as well. The Department of Defense has come right out and said they believe a series of Internet based network attacks, on their computer networks in the last few years, came from China. These attacks were quite specific, often directed at named individuals in the Department of Defense, and succeeded in stealing large quantities of secret material. In 2007 there were 44,000 such attacks from China. This rose to 55,000 in 2008, and then to over 100,000 last year.
The Department of Defense report also cited similar attacks on European defense and commercial organizations. The Department of Defense has been regularly asking for the authority to respond to these attacks. Not just with more robust defenses, but with offensive action. China insists that this is already going on, although they don't provide any details. It's believed that Chinese commercial and government networks, which tend to have weaker defenses than those in the West, are getting hammered by criminal hacking gangs.
The Department of Defense desire to act more aggressively against these Cyber War attacks has been rebuffed, because of a reluctance to risk legal and diplomatic blowback from such operations. That is not to say that such permission will not be given, just that if it is granted, it will be a secret directive. Such an operation would eventually be revealed, but by then there might be some good news to offset the inevitable criticism.
