Is China ground zero for hackers?
Quietly, the U.S. government had been hacking away at cyberterrorism. The EP-3E spy plane that crash-landed in China earlier this year was, according to James Bamford in his keynote speech at this year's Black Hat Briefing, working for the National Security Agency. Even the 1999 war in Kosovo featured early information warfare techniques against the Serbian government. A recent report by MSNBC explains the emerging global information warfare threat in greater detail. If the secretary is serious about transforming the U.S. Defense Department, then let me suggest that it is much more prudent to shore up our computer networks today than to invest in the 20-year-old concept of laser-toting satellites orbiting the earth tomorrow: Our computer networks are already under serious attack.
HOSTILE NATIONS, and, for that matter, hostile groups, such as Osama bin Laden's followers, realize they can't challenge the U.S. military one-on-one. But they can disrupt our utilities, our telecommunications, and our e-commerce. Just last spring, during a period of rolling blackouts in Northern California, someone hacked into the California Independent System Operators system, which regulates the flow of power in the state. The malicious users were stopped before they caused any damage, but the incident shows how vulnerable our ancillary government agencies are to attack. The hack was traced back to the Guangdong province in China. Turns out, this was not an isolated incident.
A few weeks ago, I wrote that students at Foshan University in Guangdong, China, may have created the Code Red worm. Shortly after that column appeared, someone at the Defense Department called me with a serious interest in that information. Now, the recent and very nasty Offensive Trojan horse also happens to share a connection to Guangdong. I don't think this is a coincidence.
Guangdong is the largest and wealthiest province, and Hainan Island, the site where the American EP-3E plane was held after landing last April, is nearby. According to a report prepared by the security company Vigilinx, Guangdong is also home to hacker groups, such as the Honker Union of China (also known as the Red Guest Alliance) and China Eagle, and to criminal extortionists who have been terrorizing Hong Kong's financial networks for years. Guangdong also happens to be very beautiful, historic, and the focus of major Western investment and tourism.
RATHER THAN ASSUME the Chinese government is behind Code Red and Offensive, I think it is more credible that different groups of individuals within Guangdong might be hacking the United States and other nations (like Japan) for their own reasons. Like the cracker activity once seen in Eastern Europe, these exploits may not be a political expression against, but a general frustration with, Western arrogance and influence. The crackers in Guangdong seem to be doing their own thing, and they are definitely pushing the envelope of what is possible in terms of malicious activity on the Internet.
Whatever their motives, I suggest we'll hear even more from the crackers in Guangdong. If ego is involved, these crackers probably aren't done flexing their programming muscles or announcing themselves to the world. Now, thanks to comments from the U.S. Defense Secretary, others elsewhere might also be tempted to join in their fun.
Are you concerned that the Defense Department has publicly stated that the United States is vulnerable? Should we be keeping watch on the hackers in Guangdong?