September 11, 2007:
France is
the latest nation to admit that its government and defense computer networks
are under hacker attacks, that appear to be coming from China. Ever since late
last year, there have been a growing number of such attacks on Western military
and government networks. These attacks have hit major American military sites
like National Defense University, the office of the Secretary of Defense, the
Naval War College, Fort Hood and several defense contractors. British and
German government sites were hit as well, and other European nations are also
believed to be under attack. But many are unwilling to go public as yet, or are
still checking to see if they have been hit.
In the United States, each of these attacks cost $20-30 million to clean
up after. What no one will talk much about is exactly what was lost. The
Germans admitted that nearly 200 gigabytes of data was transmitted back to
China. The American, British and French attacks apparently inflicted damage of
a similar scale.
The scary part of this is that
these are the attacks that have been discovered, while they were still
underway. The perfect attack is one that is carried out without the victim ever
being aware that their security has been breached and their secrets carried
away. In light of this, many NATO nations are increasing their cooperation in
this area, and trying to formulate a common policy on how to deal with China.
The French, for example, will only say that they are certain the attacks are
coming from China. Officially, the French do not believe it's the Chinese
military that's doing it. Unofficially, the French fear they are facing a
formidable Chinese Cyber War force.
China denies everything. China
also continues to establish the equivalent of a police state within the Chinese
portion of the Internet. Many Western Internet experts didn't think this was
possible, but the Chinese have gone a long way towards proving them wrong. At
the same time, China is still one of the most vulnerable Internet
neighborhoods. This is largely due to so much illegal (not-paid for) operating
systems and applications software. This stuff tends to be less well protected
than paid-for systems in the West, and China has fewer Internet security
specialists.
Many in the West are calling
for a cyber offensive against the Chinese. But if this were allowed, there
would be no official announcement. So far, cyber war is largely conducted in
the shadows. To this end, China is believed to use a lot of Chinese contractors
(individual hackers, or small companies that seemingly, or actually, do
something else) for attacks on foreign targets. The Chinese are apparently
content to keep at it until someone comes back at them hard.