China Hacking Is Deep and Diverse, Experts Say

5/29/14
 
   < < Go Back
 
from The Wall Street Journal,
5/29/14:

Intruders Often Work As Hackers For Hire, According to Officials.

China’s Internet espionage capabilities are deeper and more widely dispersed than the U.S. indictment of five army officers last week suggests, former top government officials say, extending to a sprawling hacking-industrial complex that shields the Chinese government but also sometimes backfires on Beijing.

Some of the most sophisticated intruders observed by U.S. officials and private-sector security firms work as hackers for hire and at makeshift defense contractors, not the government, and aren’t among those named in the indictment. In recent years, engineers from this crowd have broken into servers at Google Inc., Lockheed Martin Corp. and top cybersecurity companies, former U.S. officials and security researchers alleged.

The Chinese have often told their U.S. counterparts they don’t condone hacking but also that they can’t police what they don’t control, according to former U.S. officials. While it is possible Beijing makes this claim simply as an excuse for inaction—given its strict control of domestic Internet traffic—experts in the field, including former U.S. officials, say the Chinese hacking landscape is chaotic and hard to follow.

Sometimes freelancers appear to take orders from the military, at other times from state-owned firms seeking a competitive advantage, U.S. security firms say. It remains unclear how exactly those orders are given, security researchers said.

This diffusion of China’s hacking activities underscores the challenge the U.S. faces in addressing what Washington considers economic espionage.

More From The Wall Street Journal (subscription required):