Getting Hotter: China vs US Cyberwar

China-vs.-US-Cyberwar-Heats-Up.jpg

US-China diplomatic ties have once again taken a nosedive owing to the continuing disagreements over the OPM hack. Even as suspicion in the United States against China is mounting, Beijing continues to dismiss accusations and take umbrage at the potentially defamatory claims.

Many within the Chinese elite believe that China itself has been the target of hackers all over the world and America’s suspicions make for a decline in the quality of Sino-US cooperation. Gao Cheng of the National Institute of International Strategy of China Academy of Social Sciences writes on his micro blog, “I can only say, if it was not done by China, the US just slandered China viciously.”

The Attack On OPM

The attack on the data housed by the Office of Personnel Management constitutes one of the most intrusive and sustained security breaches to have ever been carried out against the United States. The breach was discovered in April 2015, but it is believed to have started last year. It is estimated that over 24 million people stand affected by the hack, including former, current and prospective employees of the US government.
Comparisons with a similar attack against KeyPoint Government Solutions last year have caused authorities to opine that the two consecutive acts of cyber warfare might be the work of the same people. KeyPoint Government Solutions is a contractor for OPM and the two attacks display several similarities, including the modus operandi and the telltale digital signatures that hackers leave behind, even when they are able to mask their origins.

China Continues To Be A Prime Suspect

Even though the US government has refrained from making an official statement regarding potential suspects in order to preserve US-China ties, the popular opinion is that Beijing is most likely behind the data theft.
Speaking with CNN in July 2015, James Clapper, the Director of National Intelligence, stated that China continues to be the “leading suspect” in the matter of the cyber attack.
Mr. Clapper is the most prominent American official to have openly blamed China for the cyber attack. Most government personnel are careful not to upset the US-China balance and have remained tight-lipped about their suspicions in the months since news of the attack broke.

All's Fair In Cyber War

Even as the attack on OPM continues to make waves as the worst attack on US cybersecurity of all time, experts share that these kinds of attacks are only natural. In fact, the only thing unusual about the 2014-2015 hack is the duration and intensity of the attack; American cybersecurity authorities have shared that if US-China role reversal were an option, American hackers would not waste any time in leveraging the same kind of attack against the Chinese.
Cyber espionage is clearly the new frontier of geopolitical rivalries, as US Secretary of State John Kerry recently shared his belief that it is “very likely” that both Russia and China are accessing his e-mails. The Secretary of State has, however, been careful not to accuse China of the OPM attack and has only commented to say that there has been “no finger-pointing” in official gatherings discussing and investigating the possible sources of the breach.
In response to an enquiry by CNN, James Clapper admitted that the US would probably like to be able to even the score, stating, “You have to kind of salute the Chinese for what they did.”
What Were The Hackers Looking For?
If past experiences are to be believed, state-backed hacks from China are nothing new. In 2013, a cybersecurity firm by the name of Mandiant made news when it released information about as many as 141 US firms across 20 niches being targeted by Chinese military-supported hackers.
Chinese hackers are known to target trade secrets, business plans and economic information. Trade-oriented cyber espionage forms an integral aspect of the state’s security strategy. The bureau chief of the Washington Post’s Beijing office shares that, “The economy is so central to the Communist Party's legitimacy that spying for the sake of benefiting state-owned companies for example is part of the government's national strategy.”
The cyber attack on OPMs files has resulted in the loss of personal and identifying information pertaining to millions of US citizens, including, but not limited to- addresses, social security numbers, background checks, information on spouses and family members, medical histories, professional profiles etc.

Beijing Denies Allegations

Beijing has maintained that China played no part in the attack on the data held at OPM and has cautioned the US against making any unwarranted claims. Even as the US-China cyber war heats up, government officials dismiss allegations about Beijing’s role in the data breach. Hong Lei, a spokesperson for the Chinese Foreign Ministry, speaking at a news conference in June 2015, called for a more supportive US-China relationship, stating, “We wish the United States would not be full of suspicions, catching wind and shadows, but rather have a larger measure of trust and cooperation”.
Citing the impossibility in conclusively determining the source of a cyber attack of this nature, Chinese officials have also stated that it is “irresponsible and unscientific” of the Obama administration to point fingers at Beijing with its “groundless accusations”. Mr. Lei has spoken of the US suspicions being “without deep investigation and research.”

China A Cyber Victim Too

Beijing has long maintained that China is itself the victim- and not a perpetrator- of cyber attacks. The Chinese ministry has denied allegations claiming that it is behind the attack on OPM and has instead asked for the United States’ support because it, too, is a target of hackers. Mr. Lei, in a meeting with the press, said that for US-China ties to improve the Obama administration needs to be “less suspicious and stop making any unverified allegations, but show more trust and participate more in cooperation.”
Beijing continues to stand by the position that the need of the hour is global cooperation against hackers so that both the American and the Chinese governments alike can be protected against cyber breaches.
The director of Shanghai’s Fudan University’s Center for American Studies, Shen Dingli, has echoed a popular Chinese sentiment by claiming that America, too, is known to execute cyber attacks against the Chinese. “Just don’t pretend America is the only victim, America also victimizes others,” said Mr. Dingli, continuing, “The US government will target the Chinese government. If they happen to see the information of a few million Chinese government workers, would they not download it? I think they would.”

A spokesperson of the Chinese Embassy to the United States, Zhu Haiquan, has shared the view that the threat of cyber attacks “will only be addressed by international cooperation based on mutual trust and mutual respect.”
Chinese Media Responds. It is not just Chinese government officials in Beijing and abroad who have taken exception to the general attitude of suspicion towards China: the mainstream Chinese media, too, believes that China has been wrongfully blamed and continues to be a victim of propaganda.

The state-centric newspaper The Global Times has lashed out at American publications for carrying unverified news of China being responsible for the hacks. The newspaper has criticized The Wall Street Journal and The Washington Post by name, specifically. The newspaper has taken a critical view of what it claims is a pattern whereby America is quick to blame China for its problems, stating, “In fact, it is not the first time that the American media and institutions blame China for internet security breaches. However, no evidence has been presented so far.”
President Jinping’s Upcoming Visit

The most pressing question on everyone’s mind is if the souring US-China relations are going to affect Chinese President Xi Jinping’s visit to the United States next month. The Chinese leader is expected to sit down in talks with President Obama to discuss issues that are of importance to both countries, such as trade and human trafficking and of course, cybersecurity.
However, seeing as to how the two countries have come to loggerheads in recent times, political commentators are wondering whether as much can be expected from the exchange as was previously envisioned.

The cyber attack is not the only factor to have caused a strain to the US-China relationship: Beijing’s decision to devalue the Chinese currency, the Yuan, has caused a severe blow to the American economy’s prospects abroad and has not gone down well with Washington. Then there is also the matter of Operation Foxhunt- Beijing’s multi-country endeavor to crack down on corruption by tracking down Chinese criminals who have fled abroad and recovering ill-gotten funds and assets. The “strong arm tactics” and coercive measures employed by Beijing’s undercover operators in the United States have caused Washington to issue a warning to the Chinese government to reign in its agents, furthering causing the US-China rift to widen. Another thorn in the US-China equation has been the acrimony between the two states over the latter’s actions in the South China Sea: Beijing’s decision to build artificial islands in the sea has met with severe opposition criticism from the other claimants in the dispute and the US’s decision to intervene has further alienated the two global powers.

In the wake of these developments, political experts are not very hopeful vis-à-vis President Jinping’s scheduled visit to the United States.
Ein News:http://http://bit.ly/1F06eYC

 

« Pentagon Will Counterattack Cyber Strikes
Should the US Use Hidden Data to Warn Industry of Attacks? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

DoD Cyber Crime Center (DC3)

DoD Cyber Crime Center (DC3)

DC3 is a US Department of Defense (DoD) center of excellence for Digital and Multimedia forensics.

Qolcom

Qolcom

Qolcom is a leading UK based integrator of secure wireless network and mobile device management solutions.

Fastpath Solutions

Fastpath Solutions

Fastpath deliver software solutions that enable you to take control of your security, compliance and risk management initiatives.

Cyberbit

Cyberbit

Cyberbit empowers cybersecurity teams to be fully prepared with a product portfolio ready to detect and respond effectively across both IT and OT networks.

GeoLang

GeoLang

GeoLang’s Ascema platform protects sensitive information at the content level by identifying, classifying and tracking data across the corporate infrastructure.

Cellopoint

Cellopoint

Cellopoint is a leading manufacturer of information security and email lifecycle management (ELM) products.

Fraugster

Fraugster

Fraugster provides the most precise anti-fraud solution for e-commerce businesses.

The ai Corporation

The ai Corporation

The ai Enterprise Fraud Solution is an on-prem or cloud-based self-service, machine learning fraud detection and prevention tool set.

Verificient Technologies

Verificient Technologies

Verificient Technologies specializes in biometrics, computer vision, and machine learning to deliver world-class solutions in continuous identity verification and remote monitoring.

Squad

Squad

Squad provides leading expertise to ensure protection against the most complex cyber threats. Combining the best practices of DevOps and Cybersecurity, we are committed to create a secured cyber space

SK Shieldus

SK Shieldus

SK shieldus are a converged security provider with business capabilities in both cybersecurity and physical security based on Big-Tech.

SRG Security Resource Group

SRG Security Resource Group

SRG Security Resource Group is a Canadian company dedicated to providing world-class Physical and Cyber Security services.

PROVINTELL Cyber Security

PROVINTELL Cyber Security

PROVINTELL is a Managed Security Service Provider (MSSP) specialising in Next-Gen Cyber Defense and Response to detect and respond to threats.

Reach Security

Reach Security

Reach is the first generative AI platform purpose-built to empower enterprise security teams. With Reach, organizations measure, manage, and improve their enterprise security posture at scale.

Camms

Camms

Camms are a team of experienced professionals dedicated to providing innovative GRC software solutions that help organizations manage risk, make informed decisions, and drive positive change.

Tranchulus

Tranchulus

Tranchulus are a global provider of offensive and defensive cyber solutions, information security assessment, compliance and managed security services.