Feeds

China, Russia called out as cyberspy hotbeds

The spy who hacked me

Top 5 reasons to deploy VMware with Tegile

Russia and China are using cyber-espionage to steal the US's tech and economic secrets, according to a government report.

COLD WAR INTELLIGENCE REPORT (click to enlarge)

The Office of the National Counterintelligence Executive (ONCIX) presented the report (PDF) to Congress on Thursday, which claimed that both "adversaries" and "partners" were sticking their nose into government and business computers.

"Because the United States is a leader in the development of new technologies and a central player in global financial and trade networks, foreign attempts to collect US technological and economic information will continue at a high level and will represent a growing and persistent threat to US economic security," the report said, eschewing any attempts at modesty.

The report, which was titled Foreign Spies Stealing US Economic Secrets in Cyberspace and covered 2009 to 2011, singled out China as a place where cyber intrusions often originated, although it didn't specifically finger the country's government.

"Chinese actors are the world’s most active and persistent perpetrators of economic espionage. US private sector firms and cybersecurity specialists have reported an onslaught of computer network intrusions that have originated in China, but the intelligence community [or the IC as the report offhandedly acronyms it]* cannot confirm who was responsible," the office said.

Russia was another country to be named and shamed by ONCIX for pervasive cyber threats.

"Russia's intelligence services are conducting a range of activities to collect economic information and technology from US targets," the report pointed out.

However, "US allies and partners" weren't above a bit of pottering about in US networks looking for the odd tidbit either.

"Some US allies and partners use their broad access to US institutions to acquire sensitive US economic and technology information, primarily through aggressive elicitation and other human intelligence [another lovely acronym – HUMINT] tactics. Some of these states have advanced cyber capabilities," ONCIX said.

The office rather obviously pointed out that stealing secrets in cyberspace was a lot easier than attempting to sneak out of offices carting folders, and as a result the US was suffering millions of dollars in losses from thieved classified information.

And it is not predicting that things will get much better either. Cloud computing and the proliferation of devices connected to the internet are both a concern, and "the IC anticipates that China and Russia will remain aggressive and capable collectors of sensitive US economic information and technologies".

The report said China would continue to be driven to espionage by its policy of "catching up fast and surpassing Western powers".

It said an "emblematic" programme in this drive was Project 863, which according to China is intended to "boost innovation capacity in the high-tech sectors, particularly in strategic high-tech fields, in order to gain a foothold in the world arena", and according to the report "provides funding and guidance for efforts to clandestinely acquire US technology and sensitive economic information".

ONCIX also points to possible future risks from different countries "as a function of international economic and political developments" and the risks from non-state actors such as terrorist groups, hacktivists and hackers for hire.

Bootnote

* In case you're wondering why the US might need an acronym for the intelligence community, it might be because of the dizzying array of groups that make it up. To put this report together, ONCIX gathered inputs and reports from "many US government agencies, including the Air Force Office of Special Investigations (AFOSI), Army Counterintelligence Center (ACIC), Central Intelligence Agency (CIA), Defense Intelligence Agency (DIA), Defense Security Service (DSS), Department of Energy (DoE), Department of Health and Human Services (HHS), Department of State (DoS), Federal Bureau of Investigation (FBI), National Geospatial-Intelligence Agency (NGA), National Reconnaissance Office (NRO), National Security Agency (NSA), and Naval Criminal Investigative Service (NCIS)". And that's just the ones it's happy to name... ®

Top 5 reasons to deploy VMware with Tegile

More from The Register

next story
UK smart meters arrive in 2020. Hackers have ALREADY found a flaw
Energy summit bods warned of free energy bonanza
DRUPAL-OPCALYPSE! Devs say best assume your CMS is owned
SQLi hole was hit hard, fast, and before most admins knew it needed patching
Knock Knock tool makes a joke of Mac AV
Yes, we know Macs 'don't get viruses', but when they do this code'll spot 'em
Feds seek potential 'second Snowden' gov doc leaker – report
Hang on, Ed wasn't here when we compiled THIS document
Mozilla releases geolocating WiFi sniffer for Android
As if the civilians who never change access point passwords will ever opt out of this one
Why weasel words might not work for Whisper
CEO suspends editor but privacy questions remain
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Top 5 reasons to deploy VMware with Tegile
Data demand and the rise of virtualization is challenging IT teams to deliver storage performance, scalability and capacity that can keep up, while maximizing efficiency.
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.