National Security: Enter The Cyber-Dragon

Hackers have attacked America’s defense establishment, as well as companies from Google to Morgan Stanley to security giant RSA, and fingers point to China as the culprit. The author of this informative article in Vanity Fair gets an exclusive look at the raging cyber-war—Operation Aurora! Operation Shady rat!—and learns why Washington has been slow to fight back. Following are excerpts.

Dozens of nations have highly developed industrial cyber-espionage programs, including American allies such as France and Israel. And beca

Hackers have attacked America’s defense establishment, as well as companies from Google to Morgan Stanley to security giant RSA, and fingers point to China as the culprit. The author of this informative article in Vanity Fair gets an exclusive look at the raging cyber-war—Operation Aurora! Operation Shady rat!—and learns why Washington has been slow to fight back. Following are excerpts.

Dozens of nations have highly developed industrial cyber-espionage programs, including American allies such as France and Israel. And because the People’s Republic of China is such a massive entity, it is impossible to know how much Chinese hacking is done on explicit orders from the government. In some cases, the evidence suggests that government and military groups are executing the attacks themselves. In others, Chinese authorities are merely turning a blind eye to illegal activities that are good for China’s economy and bad for America’s. Last year Google became the first major company to blow the whistle on Chinese hacking when it admitted to a penetration known as Operation Aurora, which also hit Intel, Morgan Stanley, and several dozen other corporations.

Most companies have preferred not to talk about or even acknowledge violations of their computer systems, for fear of panicking shareholders and exposing themselves to lawsuits—or for fear of offending the Chinese and jeopardizing their share of that country’s exploding markets. The U.S. government, for its part, has been fecklessly circumspect in calling out the Chinese.

“The Chinese government has employed this same tactic in numerous intrusions. Because their internal police and military have such a respected or feared voice among the hacking community, they can make use of the hackers’ research with their knowledge and still keep the hackers tight-lipped about it. The hackers know that if they step out of line they will find themselves quickly in a very unpleasant prison in western China, turning large rocks into smaller rocks.”

This onslaught of revelations was all the more extraordinary because American industry has so few incentives to come clean about its losses, and so many incentives to cover them up.

“There are only two types of companies—those that know they’ve been compromised, and those that don’t know. If you have anything that may be valuable to a competitor, you will be targeted, and almost certainly compromised.”

For complete article click here or on PDF button at top right.