U.S. intelligence agencies have reportedly narrowed down cyberattacks to specific sources and determined that many of the Chinese cyberspying groups investigated had links to the Chinese military.
A Wall Street Journal (WSJ) report Tuesday said the U.S. government, armed with the information they have gathered, is now preparing to confront China more directly over cyberespionage claims. U.S. officials had already met with their Chinese counterparts to warn about the diplomatic consequences of economic spying, according to someone close to the meeting.
Sources familiar with the investigations told WSJ that Chinese cyberespionage campaigns largely came from a dozen groups linked to the China's People's Liberation Army, with another half-dozen non-military groups connected to organizations such as universities. Two other groups were also involved, but the U.S. had not been able to determine if these were linked to the Chinese army.
According to the report, the U.S. could now more directly confront the Chinese government about cyberespionage, or when responding to a counterattack, as the National Security Agency was able to track down the identities of individuals involved in these groups.
James Lewis, cybersecurity specialist at the Center for Strategic and International Studies, told WSJ that only a small number of groups did most of China People's Liberation Army's "dirty work". Lewis added that the NSA "is pretty confident" of their ability to attribute cyberspying to these people.
In the past, the inability to tie cyberespionage to certain players had limited the U.S. government's ability to confront the perpetrators, he noted. Recently, the National Security Agency and other intelligence agencies were able to pinpoint attacks to specific sources using a combination of cyberforensics, with ongoing intelligence collection, through electronic and human spying, he told WSJ.
A U.S. intelligence unit last month said it would begin investigation efforts of Chinese telecommunications companies to assess potential threat to its country's security and critical infrastructure.