Getting Hotter: China vs US Cyberwar

China-vs.-US-Cyberwar-Heats-Up.jpg

US-China diplomatic ties have once again taken a nosedive owing to the continuing disagreements over the OPM hack. Even as suspicion in the United States against China is mounting, Beijing continues to dismiss accusations and take umbrage at the potentially defamatory claims.

Many within the Chinese elite believe that China itself has been the target of hackers all over the world and America’s suspicions make for a decline in the quality of Sino-US cooperation. Gao Cheng of the National Institute of International Strategy of China Academy of Social Sciences writes on his micro blog, “I can only say, if it was not done by China, the US just slandered China viciously.”

The Attack On OPM

The attack on the data housed by the Office of Personnel Management constitutes one of the most intrusive and sustained security breaches to have ever been carried out against the United States. The breach was discovered in April 2015, but it is believed to have started last year. It is estimated that over 24 million people stand affected by the hack, including former, current and prospective employees of the US government.
Comparisons with a similar attack against KeyPoint Government Solutions last year have caused authorities to opine that the two consecutive acts of cyber warfare might be the work of the same people. KeyPoint Government Solutions is a contractor for OPM and the two attacks display several similarities, including the modus operandi and the telltale digital signatures that hackers leave behind, even when they are able to mask their origins.

China Continues To Be A Prime Suspect

Even though the US government has refrained from making an official statement regarding potential suspects in order to preserve US-China ties, the popular opinion is that Beijing is most likely behind the data theft.
Speaking with CNN in July 2015, James Clapper, the Director of National Intelligence, stated that China continues to be the “leading suspect” in the matter of the cyber attack.
Mr. Clapper is the most prominent American official to have openly blamed China for the cyber attack. Most government personnel are careful not to upset the US-China balance and have remained tight-lipped about their suspicions in the months since news of the attack broke.

All's Fair In Cyber War

Even as the attack on OPM continues to make waves as the worst attack on US cybersecurity of all time, experts share that these kinds of attacks are only natural. In fact, the only thing unusual about the 2014-2015 hack is the duration and intensity of the attack; American cybersecurity authorities have shared that if US-China role reversal were an option, American hackers would not waste any time in leveraging the same kind of attack against the Chinese.
Cyber espionage is clearly the new frontier of geopolitical rivalries, as US Secretary of State John Kerry recently shared his belief that it is “very likely” that both Russia and China are accessing his e-mails. The Secretary of State has, however, been careful not to accuse China of the OPM attack and has only commented to say that there has been “no finger-pointing” in official gatherings discussing and investigating the possible sources of the breach.
In response to an enquiry by CNN, James Clapper admitted that the US would probably like to be able to even the score, stating, “You have to kind of salute the Chinese for what they did.”
What Were The Hackers Looking For?
If past experiences are to be believed, state-backed hacks from China are nothing new. In 2013, a cybersecurity firm by the name of Mandiant made news when it released information about as many as 141 US firms across 20 niches being targeted by Chinese military-supported hackers.
Chinese hackers are known to target trade secrets, business plans and economic information. Trade-oriented cyber espionage forms an integral aspect of the state’s security strategy. The bureau chief of the Washington Post’s Beijing office shares that, “The economy is so central to the Communist Party's legitimacy that spying for the sake of benefiting state-owned companies for example is part of the government's national strategy.”
The cyber attack on OPMs files has resulted in the loss of personal and identifying information pertaining to millions of US citizens, including, but not limited to- addresses, social security numbers, background checks, information on spouses and family members, medical histories, professional profiles etc.

Beijing Denies Allegations

Beijing has maintained that China played no part in the attack on the data held at OPM and has cautioned the US against making any unwarranted claims. Even as the US-China cyber war heats up, government officials dismiss allegations about Beijing’s role in the data breach. Hong Lei, a spokesperson for the Chinese Foreign Ministry, speaking at a news conference in June 2015, called for a more supportive US-China relationship, stating, “We wish the United States would not be full of suspicions, catching wind and shadows, but rather have a larger measure of trust and cooperation”.
Citing the impossibility in conclusively determining the source of a cyber attack of this nature, Chinese officials have also stated that it is “irresponsible and unscientific” of the Obama administration to point fingers at Beijing with its “groundless accusations”. Mr. Lei has spoken of the US suspicions being “without deep investigation and research.”

China A Cyber Victim Too

Beijing has long maintained that China is itself the victim- and not a perpetrator- of cyber attacks. The Chinese ministry has denied allegations claiming that it is behind the attack on OPM and has instead asked for the United States’ support because it, too, is a target of hackers. Mr. Lei, in a meeting with the press, said that for US-China ties to improve the Obama administration needs to be “less suspicious and stop making any unverified allegations, but show more trust and participate more in cooperation.”
Beijing continues to stand by the position that the need of the hour is global cooperation against hackers so that both the American and the Chinese governments alike can be protected against cyber breaches.
The director of Shanghai’s Fudan University’s Center for American Studies, Shen Dingli, has echoed a popular Chinese sentiment by claiming that America, too, is known to execute cyber attacks against the Chinese. “Just don’t pretend America is the only victim, America also victimizes others,” said Mr. Dingli, continuing, “The US government will target the Chinese government. If they happen to see the information of a few million Chinese government workers, would they not download it? I think they would.”

A spokesperson of the Chinese Embassy to the United States, Zhu Haiquan, has shared the view that the threat of cyber attacks “will only be addressed by international cooperation based on mutual trust and mutual respect.”
Chinese Media Responds. It is not just Chinese government officials in Beijing and abroad who have taken exception to the general attitude of suspicion towards China: the mainstream Chinese media, too, believes that China has been wrongfully blamed and continues to be a victim of propaganda.

The state-centric newspaper The Global Times has lashed out at American publications for carrying unverified news of China being responsible for the hacks. The newspaper has criticized The Wall Street Journal and The Washington Post by name, specifically. The newspaper has taken a critical view of what it claims is a pattern whereby America is quick to blame China for its problems, stating, “In fact, it is not the first time that the American media and institutions blame China for internet security breaches. However, no evidence has been presented so far.”
President Jinping’s Upcoming Visit

The most pressing question on everyone’s mind is if the souring US-China relations are going to affect Chinese President Xi Jinping’s visit to the United States next month. The Chinese leader is expected to sit down in talks with President Obama to discuss issues that are of importance to both countries, such as trade and human trafficking and of course, cybersecurity.
However, seeing as to how the two countries have come to loggerheads in recent times, political commentators are wondering whether as much can be expected from the exchange as was previously envisioned.

The cyber attack is not the only factor to have caused a strain to the US-China relationship: Beijing’s decision to devalue the Chinese currency, the Yuan, has caused a severe blow to the American economy’s prospects abroad and has not gone down well with Washington. Then there is also the matter of Operation Foxhunt- Beijing’s multi-country endeavor to crack down on corruption by tracking down Chinese criminals who have fled abroad and recovering ill-gotten funds and assets. The “strong arm tactics” and coercive measures employed by Beijing’s undercover operators in the United States have caused Washington to issue a warning to the Chinese government to reign in its agents, furthering causing the US-China rift to widen. Another thorn in the US-China equation has been the acrimony between the two states over the latter’s actions in the South China Sea: Beijing’s decision to build artificial islands in the sea has met with severe opposition criticism from the other claimants in the dispute and the US’s decision to intervene has further alienated the two global powers.

In the wake of these developments, political experts are not very hopeful vis-à-vis President Jinping’s scheduled visit to the United States.
Ein News:http://http://bit.ly/1F06eYC

 

« Pentagon Will Counterattack Cyber Strikes
Should the US Use Hidden Data to Warn Industry of Attacks? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

UK Cyber Week Expo & Conference

UK Cyber Week Expo & Conference

Award-winning event organiser ROAR B2B announces the launch of UK Cyber Week and its inaugural event on 4 and 5 April 2023 at the Business Design Centre, London.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Group-IB

Group-IB

Group-IB specializes in computer forensics, the investigation of computer crime, information security breaches and global threat intelligence.

Tufin

Tufin

Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment.

Gamma

Gamma

Gamma provide a comprehensive range of next generation voice, data and mobile services including Managed Network Security and secure Mobile solutions.

Opengear

Opengear

Opengear designs, manufactures and delivers the most feature-rich, cost-effective, flexible solutions for secure remote infrastructure management. Wit

XBOSoft

XBOSoft

XBOSoft is a software QA and testing company. We cover the entire QA and testing life cycle including software and application security.

Apomatix

Apomatix

Apomatix is a platform that simplifies the complexity of cyber risk audit and management.

Nexcom International

Nexcom International

Nexcom operates six global businesses - IoT Automation, Intelligent Digital Security, Internet of Things, Intelligent Platform & Services, Mobile Computing Solutions, Network & Communications.

Swimlane

Swimlane

Swimlane is a leader in security automation and orchestration (SAO). Our platform empowers organizations to manage, respond and neutralize cyber threats with adaptability, efficiency and speed.

Cybersecurity Association of Maryland (CAMI)

Cybersecurity Association of Maryland (CAMI)

CAMI’s mission is to create a global cybersecurity marketplace in Maryland and generate thousands of high-pay jobs through the cybersecurity industry.

C2A Security

C2A Security

C2A Security offers a comprehensive suite of cyber security solutions for the automotive industry, providing in-vehicle end-to-end protection.

Marvell Technology Group

Marvell Technology Group

Marvell is a semiconductor company providing solutions for storage, processing, networking, security and connectivity.

ABS Group

ABS Group

ABS Group provides risk and reliability solutions and technical services that help clients confirm the safety, integrity and security of critical assets and operations.

ADGS

ADGS

ADGS is a deeptech company focused in the fields of Agent-Based simulations (Emergent Behavior), Cybersecurity and Biometrics, Social Dynamics, Natural Language Processing and Artificial Intelligence.

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

Center for Medical Device Cybersecurity (CMDC) - University of Minnesota

CMDC’s mission is to foster university-industry-government partnerships to assure that medical devices are safe and secure from cybersecurity threats.

American Technology Services (ATS)

American Technology Services (ATS)

American Technology Services provides unparalleled services in information technology to support small and mid-sized business. From top-level strategy, to managed services and infrastructure support.

GoTo

GoTo

At GoTo we help people and businesses to connect and collaborate simply and securely – from anywhere. We’re the trusted partner for companies of all sizes.