August 5, 2012:
The U.S. is being more open about its growing body of evidence documenting Chinese Cyber War attacks on America and the West. This openness was prompted by a Wikileaks emails from last year that made reference to U.S. and European efforts to track the growing number of hacker attacks on government and military organizations. The emails revealed that Western computer security officials have been increasingly aware of details of the Chinese efforts over the last five years. Until the Wikileaks incident, this was kept secret because the Chinese have been careful to hide their hacks, if only so they could return and not have to work their way through much stronger defenses. The Chinese hackers also kept a low profile because their governments' only response to victims was "it wasn't us, we know nothing, we are being hacked too." That last item is true, the first two are not.
The five year long counter-intelligence effort uncovered details of how as many as twenty separate Chinese hacking groups were apparently assigned targets in a decade long campaign to steal as much technical, political, and military secrets as possible and not get caught. The Chinese hackers were very careful about avoiding detection, and many times when they were detected, they quickly reacted, covering their tracks as much as possible and, in general, trying to confuse their pursuers.
But the Chinese got cocky after a while. That, and the law of probabilities, caught up with them. Eventually the Western security experts found flaws in some of the tools the Chinese were using and built a "tap" on the activity of many of the Chinese hacking groups. The Chinese found out about this, or at least confirmed their suspicions, last year and have since cleaned up their tools and procedures. Recent revelations by American researchers seemed to taunt the Chinese with hints that the taps are still working and that the hackers are still being hacked. This is a little bit of payback for years of Chinese successes against Western Internet security.
The big problem now is how does the West react to this massive campaign of espionage and theft? In the past such a massive theft has been considered grounds for war but that is seen as impractical. Wrecking the Chinese economy and risking an exchange of nuclear weapons won't undo the damage. But there has to be some kind of action to halt, or at least discourage, the attacks. Apparently the U.S. leadership has secretly agreed, after years of requests, to let the Pentagon retaliate via the Internet. Thus China's complaints about being hacked have credence. In fact, this declaration of open season on China could do a lot of untraceable (or at least deniable) damage to China's economy, not to mention the security of their government and military networks. With all the corruption going on in China, especially by senior Chinese officials and their families, selective leaks of some secret documents, or just the gist of what was in them, could do a lot of damage to the Chinese leadership. It looks like round two of the first Cyber War is entering phase two, as the victims strike back.