Face-Off: Chinese Cyberattacks: Myth or Menace?

This article can also be found in the Premium Editorial Download "Information Security magazine: Everything you need to know about today's information security trends."

Download it now to read this article plus other related content.

Chinese cyberattacks: Myth or menace?

Security Experts Marcus Ranum & Bruce Schneier Offer Their Opposing Points of View

Requires Free Membership to View

By submitting you agree to receive email communications from
TechTarget and its partners. Privacy Policy Terms of Use.



		Send comments on this column to feedback@infosecuritymag.com.

POINT by Marcus Ranum

Something is definitely going wrong with the U.S. Department of Defense and government agency networks, but it's not what you probably think. When it was announced that more than 10 terabytes of data had been stolen from DOD unclassified networks as part of an orchestrated operation from China, I was as horrified as you. Ten terabytes is a lot, and I'd have expected someone to do something after, say, the first terabyte flew by--especially because I happen to know something about the money spent on monitoring systems for some of those networks, and the sensitivity of the data on them. DOD always counters: no classified information was accessed. But that's BS--the unclassified networks carry logistical, payroll, personnel, medical and operational data.

What's really going on? Could it be that many government networks have access rules that are vastly permissive, and have lost control over the software running behind their firewalls? When I try to get answers from people "in the know," I hear one of two things:

A common sense assessment of the number of Trojan horses infecting desktop systems, and the difficulty of controlling traffic: It's not rocket science to imagine that getting a bot inside a DOD network would be an exciting score for any hacker. Or,
Secret Squirrel mumbo jumbo: "I could tell you but then I'd have to kill you" unsubstantiated hand-waving about "Chinese government hackers."

Given I'm cynical, when someone from the FBI says, "Well, there's evidence but we can't talk about it," I assume he's lying--because if he did have solid evidence, he couldn't say as much. Or he'd be presenting it. The best evidence I've heard that there's a Chinese cyber-espionage operation in progress are "The IP addresses are in China," "We hear stuff in chat rooms" and "I can't tell you but my buddy's cousin's uncle says it's true." Excuse me for crying "BS!", but if we're going to make public accusations of espionage, they need to be accompanied by equally public and compelling evidence. The FBI and our intelligence community are not the pinnacles of credibility we wish they were. Here are three pieces of data:

The number of Internet users in China is about the same as in the U.S.
China has been known to sentence hackers/cybercriminals to death.
No state-level intelligence agency would be so sloppy as to noisily and obviously steal 10 terabytes of information.

If you're the spymaster for a nation-state's intelligence arm, and you've got budget and personnel, an open society like ours must be easy game. This is especially true if the target has an uncoordinated mass of government agencies desperate to outsource all their information assets into the hands of beltway bandits. Stealing information openly and obviously through an Internet connection (with the termination in your country) would be shockingly crude and amateurish. I'm willing to bet there are Chinese spies looking at our networks--but doing it from the safety and the comfort of our own data centers.

A hacker living in China is probably not going to want to attack Chinese government systems. The Chinese would not slap him on the wrist and let him hit the celebrity hacker circuit alongside Kevin Mitnick.

If there's any strategic thinking going on behind this whole Chinese hacker fiasco, it's possible that some smart intelligence officer in the Chinese government realized it doesn't cost them anything to have U.S. security practitioners distracted. They know the best way to defeat the U.S. is to rattle us until we slap ourselves stupid.

Chinese cyberattacks? Why fabricate elaborate conspiracies when foreign demographics and domestic incompetence are adequate explanation? My concern is not that we're under attack by the Chinese, but rather that our sensitive networks are so lame that someone can steal 10 terabytes of data from them. We shouldn't be asking, "What are the Chinese doing?" We should be asking, "What's going wrong in Virginia, Los Alamos and Livermore?"

Latest Headlines

Featured

E-Books

E-Zines

E-Handbooks

Topics

Hot Topics

Advice & Tutorials

Technology Dictionary

Tips

Answers

Ask a Question

Research Library

Product Demos

Resource Centers

Blogs

Face-Off: Chinese Cyberattacks: Myth or Menace?

Requires Free Membership to View

More News and Tutorials

Articles

Related glossary terms

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

You May Also Be Interested In...

More Background

More Details

More from Related TechTarget Sites