A new government report concludes that China’s cyber security threat is increasing in sophistication and that its sheer volume “makes China the most threatening actor in cyberspace,”
Although still unknown who is actually exercising the threat, trackers are being helped by technical gains. The US-China Economic and Security Review Commission reported to Congress that the culprits are:
1. The People’s Liberation Army
2. Three intelligence and security service ministries.
3. Patriotic hackers conducting espionage out of nationalist fervor.
4. Big IT companies and telecommunications firms.
5. Informal “cyber warfare militia” composed of workers with high-tech day jobs that focus on military communications, electronic warfare, and computer network operations.
6. Criminal hackers conducting industrial espionage for private, state-owned, or government clients.

The report continues “China’s cyber capabilities provide Beijing with an increasingly potent tool to achieve national objectives,” the congressional report states. “In a strategic framework that leans heavily on cyber espionage, a diverse set of Chinese hackers use pilfered information to advance political, economic, and security objectives.”
Chinese embassy officials in Washington routinely deny responsibility for cyber espionage against US targets. A spokesman for the Chinese Embassy wrote in an e-mail responding to a government report last year on cyber spying. “China’s rapid development and prosperity are attributed to its sound national development strategy and the Chinese people’s hard work, as well as China’s ever enhanced economic and trade cooperation with other countries that benefits all, “Willfully making unwarranted accusations against China is irresponsible, and we are against such demonization efforts as firmly as our opposition to any forms of unlawful cyberspace activities.”
The report to Congress points to photos of China’s new J-20 stealth fighter jet and its similarities with Lockheed Martin’s F-22. The photos revived “concerns that human, cyber, or other forms of espionage may have played a role in the J-20’s development.”
The report cites other examples of “malicious Chinese cyber activity” in 2012, including successful attacks on NASA networks and spear phishing e-mails targeting the White House Military Office, which assists in presidential travel and communications.
Until recently, Chinese hackers have long appeared less sophisticated than those in Russia. However in January, a China-based attack targeted the “secure authentication” system of the Defense Department’s Common Access Card standard, one of the Pentagon’s most secure systems.
US military officials testified this year that infiltrating weapons systems, including missiles, aircraft, ships, and ground systems is a Chinese focus. In order to infiltrate computers belonging to India’s Eastern Naval Command, which had no connection to the Internet; Chinese hackers reportedly used compact discs along with thumb drives.
Within the Department of Defense, the US Cyber Command has become fully operational. Beyond that, the White House reportedly issued a secret policy document that outlines what actions the US military can take against cyber attacks.
John Bumgarner, research director for the US Cyber Consequences Unit, a nonprofit security think tank that advises government and industry, has advised “We’re all economic partners, but we’re all on this cyber espionage path where people are routinely breaking in to steal the latest and greatest fighter plane plans. At some point, it may cross the line and become an act of war. In the cyber world, that line is a very blurred line. It’s a path we need to get off.”

.

Yury Schmidt, the esteemed human rights attorney, cautioned that the efficacious prosecution throughout Russia of scholars and researchers as spies in the last ten years has been coupled with harsher sentences. Four years ago, the former general director of the Central Machinery Construction Research Institution, Moscow scientist Igor Reshetin, was found guilty of handing over technology to the Chinese and received a sentence of eleven and a half years in a penal colony. He had justified his actions, claiming the technology’s nonclassified status permitted its export and international dialogue. Physicist Valentin Danilov in 2003 likewise was convicted of placing classified information in Chinese hands, and drew a similar sentence of 13 years in a penal colony. In fact, the only instance of acquittal in an espionage or treason case in the legal annals of the Soviet Union and modern Russia was that of the aforementioned researcher and ecologist Alexander Nikitin, the skillful defense having been mounted by the already heralded Mr. Schmidt. Nikitin, a onetime naval captain and submarine officer, authored a study on the environmental risks of radioactive waste and decommissioned Russian nuclear submarines, expressly in northern Russia, for the Norwegian ecological organization Bellona, resulting in an accusation of high treason being levelled against him.

As regards the current case, Afanasiev and Bobyshev disavowed any wrongdoing and contended that the Harbin period was devoted solely to teaching and, furthermore, that the contents of the lectures were under the strict supervision of the Military Mechanical University. Schmidt indicated that should convictions of the two men be secured, the prison terms would run from 12 to 20 years. The public will be barred from the proceedings.

Court papers show that Shriver was in a study abroad program in Shanghai for two years, in which he studied and became fluent in Mandarin. After graduating from college, he returned to Shanghai to seek work. His answer to an advertisement looking for people to write a paper on U.S.-Chinese relationships caught the eye of Chinese intelligence officers, who recruited Shriver as a spy. Shriver was encouraged to seek U.S. government jobs that would give him access to classified documents.

Shriver attempted to join the Foreign Service but failed the test twice. He received money $30,000 from Beijing for the two attempts. He then tried for a job with the CIA’s clandestine service and was paid $40,000 in cash by the Chinese government for doing so. Shriver spend two years going through the CIA hiring process but his nefarious plans were discovered.

His attorney, G. Allen Dale, says that Shriver was just a naïve young man who had been taken advantage of and that he had never actually been hired into a position that exposed him to any sensitive information. The prosecution says that Shriver threw away his education and his future, and betrayed his country, when he chose to deal with the Chinese government. Shriver’s guilty plea requires the judge to impose the prosecution’s recommended four year prison term.

Indeed, China is on the verge of passing a law that would require telecommunications and internet companies to track, report and delete potential leaks of state secrets. China is thus seeking to tighten its control over these companies as well as expand its watchful eye by leveraging the companies’ inherent spying capabilities (think China’s cyber attack on the gmail accounts of Chinese human rights activists in January).

Although penalties for violations of the new law have not yet been disclosed, the draft law’s definition of ‘state secret’ casts a very wide net, which would undoubtedly be open to government interpretation and abuse. Currently, ‘state secret’ is defined as: “information that concerns state security and interests and, if leaked, would damage state security and interests in the areas of politics, economy and national defense, among others.” The draft is in its third review, which is typically the last before passing into law.

China is home to the biggest population of internet users in the world – a whopping 384 million, but its government isn’t about to lose its grip on the flow of information to, from and among those people. Open communication breeds opinions, which breed dissent and in turn, unrest. The only way to avoid inevitable dissent and unrest, China reasons, is more stringent control and vigilance. Recent restrictions aimed at controlling and limiting information exchange include making it more difficult to register domain names and systematically removing unregistered sites.

At the slightest hint of unrest, China goes into hyper info-control mode, shutting off Twitter and Facebook, unplugging the internet and slowing down other methods of viral communication, like texting, to stem the natural flow of information. This very technique was used last July to stem news of violent ethnic riots breaking out in a Muslim region of western China. To China, twittering about the dissent is just as bad as dissenting, and now they’re going to leverage whatever means necessary – including private sector companies – to expand their spy network.

Google left China last month over censorship and cyber espionage disputes. Which company’s next?

The China-North Korea border is a hotbed of activity for North Koreans looking to escape the clutches of an authoritarian government that offers little more than poverty and starvation to its citizens. From this area, South Korean activists and missionaries help North Koreans with defection, shelter, food and relocation to nations like South Korea and the U.S.

Of course, North Korea’s not too happy about the refugees streaming out of its supposedly wonderful state (more than 18,000 since 1953, when the war between the two Koreas ended in a tense truce). That’s where the recently arrested Kim (last name released only) comes in.

It all started when Kim was spending time in China’s eastern Shandong province in the late 90s, trafficking drugs. There he met a female North Korean agent, who recruited him to spy on behalf of North Korea in exchange for money and narcotics.

In 2000, Kim allegedly spent two weeks in North Korea’s capital, Pyongyang, where he received spy training plus $10,000 plus 2 kilos of drugs. Kim’s spy job? To head back to China, identify and kidnap South Korean activists, who would then be sent to North Korea with the help of the aforementioned female agent. Kim also allegedly kidnapped North Korean defectors who were still in hiding in China, en route to safer havens, and reported on the activity of South Korean intelligence in the area.

While Kim denies all charges, the prosecution has made it clear that he is suspected of having violated South Korea’s National Security Law, which could mean the death sentence.

Chung pleaded innocent, saying he wasn’t a spy, just an “ordinary man” with intentions of writing a book, which was his explanation for the hundreds of thousands of sensitive documents pertaining to the space shuttle, among other aviation, space and military data, that federal agents found at this home in 2006.

As an engineer working for Boeing and Rockwell, he had easy access to these documents. During his employment with these companies, he traveled back to China regularly, lecturing on his work and – as per the Court’s ruling – sharing secrets with the Chinese government, to the peril of the U.S.’s security and its economic and scientific advantage.

During his trial, the defendant told the judge that he loved the United States and wanted to live peacefully with his family, which includes children and grandchildren, in the United States – something that will now be rather difficult for him to achieve.

According to the prosecutors, Judge Carney said he wanted to make an example of Chung, that his trial and conviction should be a message to China to “stop sending [their] spies” to the U.S. According to the Court, Chung spied on behalf of China for three decades. In addition to the aforementioned documents, officials found in his home correspondence and journals logging the communication Chung had with Chinese government officials over the years. In one response to a written request from China, Chung wrote that he wanted to “make an effort to contribute to the Four Modernations of China.”

His defense team called Chung a “pack rat.” He kept everything, they said, but shared nothing. The U.S., hypersensitive of its vulnerability to China’s encroaching spy network, clearly did not buy this argument.

James Fondren, 62, was sentenced today to 3 years in prison and a subsequent 2 years of supervised release. Once a lieutenant colonel in the U.S. Air Force, Fondren got into “consulting” after retiring from the military. And by that we mean that he got involved in espionage by sharing classified intel on U.S.-China military relations with Tai Shen Kuo, a naturalized U.S. citizen from Taiwan.

In March 1999, Kuo and Fondren travelled to China together, where Fondren met Kuo’s Chinese government contact. Fondren and the government official proceeded to exchange emails over the course of the next year. Hired into the civilian role of Deputy Director of the U.S. Pacific Command’s Washington Liaison Office, Fondren continued to associate with Kuo, providing him with so-called opinion papers in exchange for payment.

According to Fondren, the papers were a mix of publicly accessible news and his own personal opinion, but the court obviously found otherwise. At the Pacific Command, Fondren had top-secret clearance and access to a classified computer. He certainly had the means to provide Kuo with more than just personal opinion, and it didn’t help his case that Kuo testified against him.

U.S. District Judge Claude Hilton decided to issue a milder sentence than the 6.5 years requested by the prosecution because the information Fondren shared didn’t really compromise U.S. national security. Only convicted of 3 of the 8 counts brought against him, Fondren still plans to appeal the decision. His lawyer argues that Fondren did not realize Kuo was a spy.

Given the recent hubbub in the news about China’s aggressive cyber espionage – many say that the Google attack was neither the first nor the last – Fondren’s not likely to get much sympathy in the public eye.

China’s Internet spying used to be fairly focused on acquiring defense and military information from the U.S. As such, the U.S. intelligence and defense community could better focus their retaliatory as well as preemptive defense mechanisms. As China’s interests have expanded to economic and industrial secrets, their cyber attacks are now more than ever before looking to tap into that unique brand of American innovation that the U.S. is so well known for.

Google believes that the hackers responsible for the January 12 attack were after the gmail account information of Chinese human rights activists. The company also reported that intellectual property was stolen.

Apparently Chinese cyber attacks on U.S. companies are common, but most companies don’t volunteer the information for fear that it will speak poorly of their online security. Google’s willingness to call China out, threatening even to leave the Chinese market as a result of the attack and the censorship its search engine is subject to in China, has caused other big companies – like Adobe Systems – to report similar attacks.

According to Alan Paller, Director of Research at the SANS Institute, a computer security firm, says, “The odds of the 25 biggest companies in California not being fully compromised by the Chinese is near zero…That is true of companies across the country.” So, really, no company is safe from the unrelenting force of Chinese espionage.

Paller describes China’s approach to hacking as a massive sweep. No rock is left unturned in search of information that could give China a competitive advantage. Once again, China’s strength in numbers gives it an edge. And, according to Congress’s U.S.-China commission, the U.S. is struggling to keep up.

Even though Obama has emphasized the importance of protecting the online world for both the public and private sectors, how is a question that remains unanswered. Right now, it looks like China might just be winning this war, especially given the recent directive by the White House National Security Council, which basically tells the U.S. spy community to remove China from its primary priority list for intelligence gathering.

CIA Director Leon Panetta and Director of National Intelligence Dennis Blair have objected, referring in part to China’s aggressive cyber attacks. Proponents of the directive don’t seem to think the priority downgrade will significantly affect intelligence operations aimed at China, but if that were truly the case, why issue the directive in the first place…?

Indeed, Fondren is currently on trial before a jury in a federal court in Alexandria, where the first witness to testify against him was Tai Shen Kuo – the furniture salesman who solicited the goods on U.S.-China military relations from Fondren and subsequently gave the papers he obtained to a Chinese government agent.

Fondren allegedly sold to Kuo 30 reports replete with classified information over the course of a decade (1998-2007; he retired from the Air Force as a lieutenant colonel in 1996). Each paper went for between $800 and $1500.

Kuo has already been convicted of espionage (he pleaded guilty) and is due to serve a sentence of over 15 years. Of course, he’s testifying against Fondren with the hope that he’ll be able to knock some time off of his own sentence.

According to Fondren’s defense lawyer, Asa Hutchinson, Fondren was just one of many victims of Kuo’s conniving ways. Apparently, Kuo told Fondren he was using his ‘opinion papers’ (Fondren reportedly did not hand over verbatim reports but paraphrased and added his own two cents) to further his contacts in the Chinese business community…and Fondren allegedly believed him.

He had no idea Kuo was a spy, said the defense, but Kuo testifies that his cover was extremely flimsy, and that he slipped up several times in such a way that should have left no doubt in Fondren’s mind as to Kuo’s true interest in the military papers. Kuo says Fondren knew the papers’ final destination was the Chinese government, and that he clearly revealed this knowledge in email correspondence with Kuo.

Various sources indicate that Chinese spies are not only working as staff members at the Chinese Embassy, but also as employees in just about every big German company. German intelligence estimates that there are anywhere between 20 and 50 spies from China currently living and gathering intel in their country.

Apparently the Chinese spies are mostly looking for information regarding China’s political sore spots (Taiwan’s independence, the Tibetan freedom movement, Falun Gong, China’s democracy movement, etc.), but obviously it’s suspected that some economic espionage is afoot as well, given the alleged presence of spies in German companies.

In fact, Walter Opfermann from the State Office for Counterintelligence in Baden-Württemberg said yesterday that both China and Russia have been using cyber espionage “to save billions on their own economic research and development.” This sort of spying saves China heaps of money, but ends up costing German companies upwards of 50 billion euro each year.

Also, reported incidents of Chinese spying include:
•    A guard at a Siemens office building having to stop Chinese employees from re-entering the building alone late at night
•    A Zeiss Company employee breaking into his employer’s internal network to steal technology secrets, which were subsequently transmitted to China by a Chinese academic residing in southern Germany

The spy scare is making it harder for Chinese diplomats to get visas for Germany. One Chinese diplomat, who has a history of spying on abroad Uyghurs (a Turkish ethic group living in what is presently northwest China), may well have his visa application to work in the Chinese Embassy in Munich denied.

It seems, however, that some are more concerned about the damage that cyber espionage can cause. Opfermann says that the Chinese cyber capabilities are well past the point of just accessing information. A real Chinese cyber attack would significantly threaten Germany’s critical infrastructure, such as the country’s power grid for example.

Deny everything.

The Chinese foreign ministry issued a brief statement, which said:

“The allegation that a so-called Chinese person stole trade secrets in the United States and gave them to China is purely a fabrication made up out of ulterior motives.”

According to the Chinese newspaper, People’s Daily Online, the U.S. media has completely blown out of proportion the threat of Chinese espionage. The U.S. media, the article says, has led Americans to believe that there are 3500 Chinese spies currently working in the U.S., and that their sole purpose is to glean and send confidential information back to China.

It’s interesting that China is so vehemently denying accusations of economic espionage when they have their own case against an Australian national pending. The typical reaction in these situations is for guilty intelligence agencies not to offer comment, instead of denying what seems to be, in all likelihood, true.

images courtesy of fbi.gov and nature.com