The New E-spionage Threat

(page 2 of 8)

Browse Issues

Browse the BusinessWeek Archive

Related Items

• China's Response to BusinessWeek
• Interactive Graphic: Anatomy of a Spear-Phish
• Podcast: Behind the Cover
• An Evolving Crisis
• BusinessWeek TV: New Cyber Threat
• Video: Defending the Homeland
• Warning About Certain Internet Addresses
• CERT: Online Attacks Threaten U.S. Financial Institutions (.pdf)
• CERT: U.S. Defense Contractors and Government Employee Targets (.pdf)

Illustrations by Jonathon Rosen; Mark Lennihan/AP Photo

Story Tools

• post a comment
• e-mail this story
• print this story
• order a reprint
• digg this
• save to del.icio.us

Adding to Washington's anxiety, current and former U.S. government officials say many of the new attackers are trained professionals backed by foreign governments. "The new breed of threat that has evolved is nation-state-sponsored stuff," says Amit Yoran, a former director of Homeland Security's National Cyber Security Div. Adds one of the nation's most senior military officers: "We've got to figure out how to get at it before our regrets exceed our ability to react."

The military and intelligence communities have alleged that the People's Republic of China is the U.S.'s biggest cyber menace. "In the past year, numerous computer networks around the world, including those owned by the U.S. government, were subject to intrusions that appear to have originated within the PRC," reads the Pentagon's annual report to Congress on Chinese military power, released on Mar. 3. The preamble of Bush's Cyber Initiative focuses attention on China as well.

Wang Baodong, a spokesman for the Chinese government at its embassy in Washington, says "anti-China forces" are behind the allegations. Assertions by U.S. officials and others of cyber intrusions sponsored or encouraged by China are unwarranted, he wrote in an Apr. 9 e-mail response to questions from BusinessWeek. "The Chinese government always opposes and forbids any cyber crimes including hacking' that undermine the security of computer networks," says Wang. China itself, he adds, is a victim, "frequently intruded and attacked by hackers from certain countries."

Because the Web allows digital spies and thieves to mask their identities, conceal their physical locations, and bounce malicious code to and fro, it's frequently impossible to pinpoint specific attackers. Network security professionals call this digital masquerade ball "the attribution problem."

A CREDIBLE MESSAGE

In written responses to questions from BusinessWeek, officials in the office of National Intelligence Director J. Michael McConnell, a leading proponent of boosting government cyber security, would not comment "on specific code-word programs" such as Byzantine Foothold, nor on "specific intrusions or possible victims." But the department says that "computer intrusions have been successful against a wide range of government and corporate networks across the critical infrastructure and defense industrial base." The White House declined to address the contents of the Cyber Initiative, citing its classified nature.