Who's ahead in cyber espionage war between U.S., China?
Report says accelerated 'Byzantine Hades' attacks on U.S. systems appear to have given China the lead
- By Kevin McCaney
- Apr 21, 2011
That China and the United States are engaged in cyber espionage isn’t exactly a secret, even if the details of the game aren’t usually public. But the pace has picked up in recent years and security experts say China may have taken the upper hand, according to a report by Reuters.
Brian Grow and Mark Hosenball write that China has stolen terabytes of sensitive U.S. data as part of a campaign of attacks that are accelerating. The stolen information includes usernames and passwords for State Department computers and designs for multi-billion dollar weapons systems, the authors write.
Grow and Hosenball cite leaked State Department cables — obtained by Wikileaks and handed over to Reuters — tracing attacks to China and interviews with security experts. U.S. investigators have given a name to China's attacks — “Byzantine Hades.”
U.S. loses ground in global cyber race
DOD's new cyber strategy likely to outline 'active defense'
Among the examples they site are the Aurora attacks on Google, announced in January 2010, in which the systems of anywhere from 100 to 150 companies were breached. China has been widely suspected in the attacks.
Aurora is an example of an advanced persistent threat, an under-the-radar targeted attack that uses social-engineering tricks to gain access to systems. The approach can be used in spear-phishing attacks on high-value targets, who would likely have access to sensitive information. The Reuters report said spear-phishing is China’s most common form of attack.
Of course, saying which country really has the upper hand is difficult, since so much of it is done in secrecy. Grow and Hosenball point out that little is known about what the United States is carrying out in cyberspace, and the same could be said of any country.
As Marc Fossi, executive editor of Symantec’s Internet Security Threat Report, told GCN's William Jackson recently: “The targeted attacks we’ve heard about are only the ones we’ve heard about.”
Kevin McCaney is a former editor of Defense Systems and GCN.