Well, our Blade Runner future is finally here.
For those of you not paying attention, cybercrime has become a major epidemic in this country and around the globe – just look at the sentences that Albert Gonzalez and “Max Vision” got. Unfortunately, it takes a massive company like Google to get hit for anybody to actually pay attention.
I took a little sabbatical in between graduating from law school & passing the California bar exam and becoming the Director of Legal Education at Attorney Credits. And in between that period I didn’t pay much attention to the law and trends in this country. When I came back to the law, the two biggest things that caught my attention was how far behind the technology ball attorneys were, and how nobody seemed to be paying any attention to cybercrime. While the “war on drugs” may get all the attention and resources in this country, cybercrime costs our country much, much more – and there is relatively little that is being done to stop it. State and local law enforcement simply do not have the resources to fight this new type of crime, and at the national level not very much is being done about the problem.
So let’s check your cybercrime aptitude. Don’t worry, there is but one quick question to consider in this exam. When you think of the work ‘hacker’ what comes to mind? If you answered ‘pimple faced 16-year old kid breaking into government servers on a Friday night from his parents basement’ you answered very wrong! Cybercrime and hacking have evolved from single pranks committed by bored geeky teenagers to sophisticated crime rings run by Eastern European and Asian criminal syndicates. Symantec reported that 75% of all companies experience a cyber attack in 2009!
And now China is beginning to gain the capabilities to threaten our national security with their (alleged) state-sponsored hacking. People fail to realize that China has clandestinely been engaged in hacking for years in the financial sector trying to subvert and destroy Western economies, and it’s only a matter of time before they turn their recourses on our electronic infrastructure – a major threat to our national security. Indeed, many commentators feel that China is gearing up for war in the 21st century – CyberWar.
It’s only with huge companies like Google getting hit with a massive cyber attack in January from inside China that cybercrime gets any attention. And I still wonder if anybody really cares? The attacks against Google came from an elite Chinese university and a vocational school. Evidence acquired by a United States military contractor involved in the same attacks as Google has even led investigators to suspect a link to one single specific computer science class, taught by a Ukrainian professor. According to a New York Times article, the Chinese schools involved are Shanghai Jiaotong University and the Lanxiang Vocational School.
Not surprisingly, Jiaotong has one of the top computer science programs in China and its students are fresh off beating Stanford and other top-flight international universities in the “Battle of the Brains” – an international computer programming competition organized by I.B.M. Located in east China’s Shandong Province, Lanxiang is a massive vocational school. Again, not surprisingly, the school was established with military support and it trains computer scientists for the Chinese military. Further, the school’s computer network is operated by a company with close ties to Baidu, the dominant search engine in China and a competitor of Google.
Experts have differing opinions over how to interpret the finding that the intrusions appear to come from schools – as opposed to Chinese military installations or government agencies. While the Chinese government maintains the position that it does not sponsor hackers, in American government circles some have privately circulated a document asserting that the vocational school is being used as camouflage for government operations. Computer industry executives and former government officials feel that its possible that the schools were cover for a “false flag” intelligence operation being run by a third country. And yet others speculate that there is no cyberwar component at all and the cyber attacks against Google and others were for financial motive. In this form, the hacking would be a giant example of criminal industrial espionage, geared towards stealing intellectual property from American technology firms.
According to a New York Times article, independent researchers who monitor Chinese information warfare caution that the Chinese have adopted a highly distributed approach to online espionage. This makes it almost impossible to prove where a cyber attack originated. “We have to understand that they have a different model for computer network exploit operations,” said James C. Mulvenon, a Chinese military specialist and a director at the Center for Intelligence Research and Analysis in Washington. Instead of the United States model that uses “tightly compartmentalized” online espionage within its government agencies, the Chinese government often employs volunteer “patriotic hackers” to support its policies.
More proof of China’s new online war comes from a report on Chinese online warfare from Northrop Grumman entitled, “Capability of People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation.” The American aerospace and defense technology company prepared the report for the U.S.-China Economic Security Review Commission in October 2009. In the report the American defense contractor identifies six regions in China with military efforts to engage in such attacks. Jinan, site of the vocational school, was one of the regions listed in the report.
In the Google attack (Intel, Symantec, and more than 20 other companies were also targeted), new forensic analysis is beginning to illuminate new details of how the cyber criminals gained access to internal company corporate servers. The perpetrators targeted specific employees within the companies they attacked and worked feverishly to hide their tracks. They did this by using a man-in-the-mailbox scam — a clever technique that exploits the natural trust shared by co-workers. After infecting and controlling one computer inside the companies, intruders then circulated an e-mail with an attachment that contained malware that was highly likely to be opened by the second victim. This malware contained in the attachment made it possible for the intruders to take over more target computer.
Of course, the Chinese government denies all ties to the hacking. You can read more here.
You can read about more about the tales of Chinese Hacker Li Jun here. Li Jun is the author of the Panda Burns Incense computer worm, “the first case of organized cybercrime in China, using a computer virus,” according to U.S. technology security firm Symantec Corp.
You can read more about cybercime and the cost to global business here.
And you can read about an L.A. law firm who was the victim of a Chinese cyberattack here.