Chinese hackers compromised the computer networks of both the Canadian and the Australian governments last February. The attacks are part of a long-term effort by the Chinese regime to dominate other nations through compromising or disrupting their computer networks.
The cyber attacks in Australia were revealed on March 28. The private e-mails of the Australian prime minister are believed to have been hacked, and thousands of e-mails from at least 10 federal ministries were exfiltrated.
In Canada, hackers penetrated computers of the Finance, Defense, and Treasury departments.
The Chinese regime’s use of cyberattacks to gain information from foreign governments is nothing new. Chinese hackers are known to have hit the government network of India in January 2010, campaign e-mails of Obama and McCain in 2008, and the German government’s computers and the computers of the U.S. Defense Department in 2007.
Reports on the cyberattacks have often emphasized the theft of technology, but the taking of e-mails is part of an overall strategy used by the Chinese regime to gain advantage over other countries.
The value of exfiltrated e-mails “would be priceless,” according to Terry Minarcin, retired Air Force cryptographer for the National Security Agency.
“You would not only get personal e-mails, but also the government e-mails,” he said. The information may reveal moral flaws in individuals, and “you could exploit that to your advantage,” Minarcin said.
The Chinese regime’s intelligence agency conducts thorough research on foreign officials in order to coerce or blackmail them. They identify four weak points in human nature: fame, profit, lust, and anger, which they exploit through tailored approaches, a Beijing insider told New Epoch Magazine.
Among the most common forms of blackmail are “honey traps.” Individuals often on invite to China may find a beautiful young girl waiting for them in a hotel room, while cameras record what happens between them.
In China, “Many of the prominent hotels that cater to foreigners are equipped for the technical surveillance of guests and visitors,” states Nicholas Eftimiades in his book “Chinese Intelligence Operations” printed by the Naval Institute Press.
“As simple as this ploy appears Chinese intelligence services have used it to achieve several notable successes,” states Eftimiades.
Having worked in intelligence, intercepting foreign communications, Minarcin notes, however, the value of e-mails goes beyond blackmail. Even without highly classified information, vague bits from numerous e-mails can piece together things of value.
Such an approach was used in China’s “Night Dragon” cyberattacks revealed in February by digital security company McAfee. Since November 2009, Chinese hackers had been stealing information from energy companies.
“This information is highly sensitive and can make or break multibillion dollar deals in this extremely competitive industry,” wrote McAfee Chief Technical Officer George Kurtz on his blog.
Similarly, government e-mail could reveal information on policies or vulnerabilities. “They can see what the policies are going to be,” Minarcin said. “They can know how he’s going to react to certain pressure that you’ve put on him.”
The obscure nature of cyberattacks, which provides deniability to the Chinese regime, has revolutionized traditional forms of espionage. The Chinese regime often vehemently denies any involvement in attacks, although behind-the-scenes investigation often proves guilt.
In the 2007 cyberattack on Pentagon computer networks, an unknown amount of information was unloaded. The Pentagon was forced to shut down part of their computer system—including that serving Defense Secretary Robert Gates. Officials told the Financial Times that the attack was launched by the Chinese military.
The Chinese regime is known to have a large cyber army, although the exact size of this legion of hackers is unknown. Yet, it often puts the blame for cyberattacks onto individual actors. The country is known for its leagues of “patriot hackers”—highly organized groups including the “Honker Union of China” and the “Red Hacker Alliance.”
Read More…Satisfying the Regime's Requirements