China is America's Cyber Menace (Terrorist?)

By John Wallace

posted 05/28/08

America’s government and defense contractors have been victimized by an unprecedented rash of cyber attacks over the last two years, forcing the U.S. government to launch a new operation to fight off intrusions.

In an article headlined “The New E-Spionage Threat,” Business Week disclosed that an investigation into the cyber attacks on sensitive computer networks uncovered “startling security gaps.” “It’s espionage on a massive scale,” Paul Kurtz a former high-ranking national security official, told the magazine.

Last year U.S. government agencies reported nearly 13,000 “cyber security incidents” to the Department of Homeland Security, three times the number from two years earlier. Incidents involving the military’s networks rose 55 percent last year. Private targets, such as defense contractors, are also vulnerable and information gleaned from their computers could pose a serious security risk.

Business Week has learned that the U.S. government has initiated a classified operation called Byzantine Foothold to detect and disarm intrusions on critical government networks.

In January of 2008, President Bush signed an order to overhaul America’s cyber defenses. Under that order, all government agencies must cut the number of communication channels they use to connect with the Internet from more than 4,000 to fewer than 100.

Especially troubling is the belief that many intrusions are by trained professionals backed by foreign governments. In particular, the military and intelligence communities have charged that China is America’s biggest cyber menace.

In September of 2007, an e-mail message addressed to an executive at Booz Allen Hamilton, a management consulting firm that often deals with defense contractors, detailed weaponry that India wanted to buy. It was purportedly sent from the Pentagon and appeared legitimate, but it contained a piece of computer code known as “Poison Ivy” designed to steal sensitive data from a computer network.

“Had the Booz Allen executive clicked on the attachment, his every keystroke would have been reported back to a mysterious master at the Internet address cybersyndrome.3322.org, which is registered through an obscure company headquartered on the banks of China’s Yangtze River,” Business Week reported.

In 2004, hackers believed to be in China accessed classified data stored on the computer networks of Lockheed Martin, Sandia National Labs, and NASA, the magazine also disclosed.

Pentagon officials say hackers are developing new ways to penetrate computer networks’ safeguards that can render firewalls and antivirus programs virtually useless.

When Business Week ran tests in February, only 11 of the top 34 antivirus software programs identified Poison Ivy.