Cyber attacks traced to China targeted at least 48 chemical and military-related companies in an effort to steal technical secrets, according to a report by a U.S. computer security company. California-based Symantec Corp. said in the report that the targets included 29 chemical companies and 19 others that make advanced materials used by the military. The security firm said the group included multiple Fortune 100 companies, but it did not identify the companies or say where they were located. But the report did say: “The purpose of the attacks appears to be industrial espionage, collecting intellectual property for competitive advantage.”

Security experts say China is a center for Internet crime. Attacks against governments, companies and human rights groups have been traced to China, though finding the precise source has been almost impossible. While China’s military is a leader in cyberwarfare research, the government has denied all allegations of cyberspying and actually claims it has been a target.

The latest attacks occurred between late July and September and used e-mails sent to companies to plant software dubbed “PoisonIvy” in their computers. Symantec said the same hackers also were involved in attacks earlier this year on human rights groups and auto companies. The attacks were traced by Symantec to a computer system owned by a Chinese man in his 20s in the central province of Hebei. When contacted, the man provided a contact to Symantec who would perform “hacking for hire.” Symantec could not determine whether the Chinese man was a lone attacker, whether he had a direct or indirect role, or whether he hacked the targets for someone else. The firm called him Covert Grove based on a translation of his Chinese name.

The U.S. and Chinese governments have accused each other of being involved in industrial espionage. Security consultants say the high skill level of earlier attacks traced to China suggests its military or other government agencies might be stealing technology and trade secrets to help Chinese companies.

Another security firm, McAfee Inc., said in August it had found a five-year-long hacking campaign against more than 70 governments, international institutions, corporations and think tanks. It called the campaign Operation Shady Rat. In February, McAfee said hackers operating from China stole information from oil companies in the United States, Taiwan, Greece and Kazakhstan about operations, financing and bidding for oil fields. Thousands of Chinese computer enthusiasts belong to hacker clubs and experts say some are supported by the military to develop a pool of possible recruits. Experts say military-trained civilians also might work as contractors for companies that want to steal technology or business secrets from rivals.

China has the world’s biggest population of Internet users, with more than 450 million people online, and the government promotes Web use for business and education. But experts say security for many computers in China is so poor that they are vulnerable to being taken over and used to hide the source of attacks from elsewhere. Last year, Google Inc. closed its China-based search engine after complaining of cyber attacks from China against its e-mail service. That case highlighted the difficulty of tracking hackers. Experts said that even if the Google attacks were traced to a computer in China, it would have to be examined in person to be sure it wasn’t hijacked by an attacker abroad.

Cyber-attacks by Chinese and Russian intelligence services, as well as corporate hackers in those countries, have swallowed up large amounts of high-tech American research and development data. That stolen information has helped build their economies, U.S. intelligence agencies have concluded. The report, offering the first such detailed public accusations from U.S. officials, said computer attacks by foreign governments are on the rise and represent a “persistent threat to U.S. economic security.” Assessing the implications, the agencies said they “judge that the governments of China and Russia will remain aggressive and capable collectors of sensitive U.S. economic information and technologies, particularly in cyberspace.”

U.S. officials have called for greater communication about cyberthreats among the government, intelligence agencies and the private sector, which owns or controls as much as 85% of computer networks. The Pentagon has begun a pilot program that is working with a group of defense contractors to help detect and block cyberattacks. The report, issued by the National Intelligence Director’s Office of the Counterintelligence Executive, comes out every two years and includes information from 14 spy agencies, academics and other experts.

Source: Claims Journal