Monday, June 16, 2008

China Plays Dumb on Charges of Hacking Congressional PCs

Via -

Yesterday, Representative Frank Wolf (R-VA) gave a speech on the House floor in which he admitted several of the computers in his office had been compromised, with the attacks originating in China. Since then, at least two other Congressmen have told similar tales. Wolf's speech, however, was the most specific, in that he suggested he knows what the hackers were after: files on Chinese dissidents he maintains as part of his human rights efforts.

Wolf's speech is a bit long and rambling, covering everything from attacks on specific computers to the potential for the vulnerability of the 'Net infrastructure. He also mentions sources ranging from classified intelligence documents to an article recently published in Business Week. But the meat of the story comes early, where Wolf describes how the first attack focused on his aide who handles foreign policy and human rights, and then spread to the computers of other staff members. "On these computers was information about all of the casework I have done on behalf of political dissidents and human rights activists around the world," Wolf said; the attackers apparently gained access to all of these.

Since then, two other Representatives, Christopher Smith (R-NJ) and Stephen Kirk (R-IL), have
come forward with similar tales. Smith sits on a Human Rights Subcommittee of the Foreign Affairs Committee. In all three cases, the Congressmen turned the computers over to the House Information Resources and FBI, who informed them that the attacks had originated from IP addresses in China.

The Chinese government has denied any involvement, literally playing dumb on behalf of its entire citizenry by saying the capability to hack past Congess' security measures is beyond them. "China is still a developing country," Foreign Ministry spokesman Qin Gang told
Reuters. "Does that mean we have already mastered such high-end technology? Personally I don't believe that."

Past fears about Chinese computer attacks have focused on their potential for military and industrial espionage. But, from an economic standpoint, stifling internal dissent and getting the rest of the world to ignore its human rights record may be as—if not more—important for the Chinese government, as it ensures continued open trade. In that sense, targeting a series of Republicans, who tend to take a probusiness and free-trade stance, may not have been the wisest move.


Wow. I mean, lets not sugar-coat this.

Just because the attacking IP was in China...does not mean that the Chinese government was directly involved - clearly.

Last week, I found the website of an Austin Jazz band had been hacked and included malicious javascript which linked to a server in China running the GPack exploit framework - that doesn't mean the Chinese government was looking for free MP3 downloads.

But past experience shows that nations are constantly watching each other and always try to gain the higher-hand - even nations that would we call "friendly" in all other situations. Just take a quick look @ the Annual Report to Congress on Foreign Economic Collection and Industrial Espionage for 2005 (PDF).

Does China have the capability to hack into Congressional PCs?

Sure and so do tons of other people.

But what is also very clear, is that the Chinese Foreign Ministry spokesman Qin Gang is either greatly misinformed on his nations cyberwarfare capabilities...or he is lying.

No comments:

Post a Comment