Long known, but only now has it been fully acknowledged – China’s virtual spies have hacked most of Washington’s institutions. The only question is can they cope with sifting through the cyber-traffic to make sense of it all?
The growing list of companies and institutions that have been infiltrated in recent years includes embassies, congressional offices, law firms, think tanks, news organizations, contractors, human rights groups and even federal agencies.
According to the Washington Post, itself targeted by suspected Chinese hackers, cyber experts openly admit that most of Washington’s powerhouses and institutions have been hacked. However, they wonder if the hackers, once they have the stolen data treasure troves, can then trawl through it all and make any sense of the nuances of email messages. Rather than solely targeting the usual suspects at the heart of government, the hackers are going after journalists, lawyers and those with hooks going into the corridors of power.
As Dan Blumenthal, director of Asian studies at the American Enterprise Institute, said:
“They’re trying to make connections between prominent people who work at think tanks, prominent donors that they’ve heard of and how the government makes decisions.”
With the likes of the New York Times and the Wall Street Journal falling under the hackers’ scanner, information-technology staffs of private groups are always trying neutralize the intrusions, often hiring outside specialists to expel hackers and installing monitoring systems to keep them out.
Yet such efforts do not always succeed, security experts say. Hackers often build secret “back door” access to computer systems or redouble their efforts to penetrate again once they’ve been purged. Such has been the rising tide of cyber spying through system intrusions that there is now talk of action, with the Obama administration outlining new ‘efforts to fight the theft of trade secrets’.
The espionage being done from the comfort of an armchair somewhere in the world was summed perfectly by the FBI’s former head of cybersecurity investigations, Shawn Henry.
“It’s like having an invisible man in your room, going through your filing cabinets.”
The rise of cyber-espionage has followed broader technological shifts: More and more information is gathered and conveyed online. Rising computing power has made more information vulnerable to hackers via the dramatically lowered cost of spying, which has made more institutions viable targets.
But the Chinese government consistently refutes having the kind of aggressive cyber-espionage campaign that experts say they do. They disputed a report by Mandiant, an Alexandria-based security company, detailing the Chinese military unit allegedly responsible for stealing hundreds of terabytes of data from 141 organizations in 20 industries around the world.
Even if cyber-spies do manage to get their hands on piles of data, they face the familiar problem of what to do with it. As Thomas Fingar, a China expert and former chairman of the National Intelligence Council, concludes:
“Most of us aren’t very interesting most of the time. You can waste an enormous amount of time and effort puzzling over something that is totally meaningless.”