Focusing on “Operation Olympic Games,” the US efforts behind the Flame and Stuxnet cyber attacks, Mischa Glenny, in “A Weapon We Can’t Control,” an op-ed in the NY Times, 6/24/12, says the U.S. has “fired the starting gun in a new arms race … cyberweaponry.” However, Mr. Glenny ignores efforts by hackers in China and from the former Soviet Union.
Called “The greatest transfer of wealth in history,” in “Inside the Chinese Boom in Corporate Espionage,” by Michael Riley and Ashlee Vance, in Business Week, 3/15/12, China’s disregard of intellectual property rights and industrial espionage is only half the story. China appears to be conducting a long term, sophisticated intelligence campaign. Chinese government involvement is unproven, however, nothing happens within the People’s Republic without the implicit or explicit permission of the Chinese government.
In 2009, Bryan Krekel, writing on the subject for The U.S.-China Economic and Security Review Commission, USCC, said,
“[China is] likely using its maturing computer network exploitation capability to support intelligence collection against the US government and industry by conducting a long term, sophisticated computer network exploitation campaign. The problem is characterized by disciplined, standardized procedures, sophisticated techniques, access to high-end software development resources, a deep knowledge of the targeted networks, and an ability to sustain activities inside targeted networks, sometimes over a period of months.” (download full paper here)
Chinese government affiliation may be unproven, however nothing happens within the People’s Republic without the implicit or explicit permission of the Chinese government.
According to The U.S.-China Economic and Security Review Commission, USCC, cyber-attackers interfered with two U.S. government satellites four times in 2007 and 2008. The Landsat-7, launched by the US Geological Survey in 1999, encountered 12 or more minutes of interference in October 2007 and July 2008. The NASA’s Terra AM-1 satellite received interference for two minutes in June 2008 and for nine minutes in October 2008 (E-Week). Richard Clarke, former White House cyber-security adviser and now an independent security consultant, in October, 2011, said China is systematically collecting information from U.S. companies for its own use. “Frankly, the government of China is involved in hacking into American companies and taking that information and giving it to Chinese companies. It means our intellectual property is going out the door in petabytes and terabytes” (ZDNet / YouTube). (More on CyberWarfare.)
While the Chinese appear to be focused on espionage, the Russians are focused on money.
Russian speaking cybercriminals operate within what Russia’s former President Dmitry Medvedev called “Legal Nihilism;” a system characterized by corruption, a weak judicial system, and impunity from prosecution (Security Management).
Robert Lipovsky and Aleksandr Matrosov of ESET and Dmitry Volkov of Group IB, in “Cybercrime in Russia: Trends and issues” at the CARO, 2011 conference in Prague, describe Russian cyber criminal activities as focused on:
- Fraud targeted at Russian banks & Payment systems
- SMS fraud using Trojans
- DDoS attacks &
- Unauthorized access
Kirit Radia in Moscow, for ABC News on April 24, 2012, here, reported that Russian speaking cybercriminals earned or stole an estimated $4.5 Billion in 2011, 36% of the $12.5 Billion estimated to have been earned or stolen by cybercriminals in 2011. Russian speaking cybercriminals use bank fraud and identity theft and sell services such as Denial of Dervice (DoS) attacks.
—
For additional information or original research contact me at L Furman 97 “at” gmail . com.