Chinese cyberspies have hacked most Washington institutions, experts say

By Craig Timberg and Ellen Nakashima, February 20, 2013

This week, Chinese officials disputed a report by Mandiant, an Alexandria-based security company, detailing the Chinese military unit allegedly responsible for stealing hundreds of terabytes of data from 141 organizations in 20 industries in the United States and around the world.

But official Washington expresses little doubt about the source of the problem. “The Chinese government’s direct role in cybertheft is rampant, and the problems have grown exponentially,” said Rep. Mike Rogers (R-Mich.), chairman of the House Intelligence Committee. “It is crucial that the administration begin bilateral discussions to ensure that Beijing understands that there are consequences for state-sponsored economic espionage.”

‘Spearphishing’ at The Post

The reported hack into The Post’s computer systems happened in a typical way: An employee fell for what experts call a “spearphishing” scam, hitting a bogus link that downloaded a malicious program, infecting the company’s information-technology server, said people familiar with the incident who spoke on the condition of anonymity to discuss details not released publicly by the company. (Post Co. officials have confirmed the hack only in general terms.)

That initial intrusion, which happened in 2009, allowed the hackers to gain access to The Post’s directory of user names, passwords and computers that use Windows-based operating systems. People with knowledge of the infiltration said the company learned of it when Mandiant discovered the breach in 2011.

The Post hired Mandiant to expel the hackers and installed advanced monitoring systems to prevent a recurrence. Experts say it’s difficult for any company to know definitively what information hackers steal while they have access to computer systems — especially if the theft happened months or years before it was discovered.

News of The Post’s infiltration, first revealed this month, alarmed Texas-based religious rights activist Bob Fu. As recently as December, he had obtained a sensitive Chinese document and passed it along by e-mail to a Post correspondent in Beijing. The resulting story named Fu but not the document’s original source within China, who Fu said could have been arrested if discovered.

An associate working for China Aid was briefly detained after the story appeared and was questioned about the document. It’s not clear if any information was gleaned from Fu’s e-mail exchange with the Post correspondent, which took place after the company’s computer system was secured.

“Oh, my goodness, that makes me a little sweaty,” Fu said, recalling the incident. “The consequences could be so unbearable.”

Dissidents have long engaged in cat-and-mouse games with Chinese authorities, accepting that many of their phone calls and e-mails are monitored while still attempting to protect their most sensitive communications from interception.

Canadian researchers in 2009 uncovered a vast global cyber-espionage network controlled largely by servers in China. The military and political targets whose networks were monitored — including the Tibetan government in exile and the office of the Dalai Lama — strongly suggested a Chinese role in the operation. Among the 1,295 computers infected in 103 countries were several belonging to the Associated Press bureau in London, according to the researchers, who were with the SecDev Group and the Munk Centre for International Studies at the University of Toronto.

Such infiltrations have unnerved the Chinese dissident community, where accusations of spying are common, said Andrew Nathan, a Columbia University professor active in several human rights groups that do work related to China. “There’s a paranoia that sets in,” he said. “That may be one of the functions of this surveillance.”

Security experts say that, while defenses are becoming more sophisticated against cyber-espionage, hackers continue to improve their skills as well. But even if foreign agents manage to gain access to mounting piles of data, they face a problem familiar to intelligence agencies everywhere: what to do with it.

“Most of us aren’t very interesting most of the time,” said Thomas Fingar, a China expert and former chairman of the National Intelligence Council. “You can waste an enormous amount of time and effort puzzling over something that is totally meaningless.”

William Wan in Beijing contributed to this report.
