Massive Hack – When Will We Learn?

Posted on Monday, December 21, 2020 | by AMAC, Robert B. Charles

A massive computer hack – reportedly affecting countless US agencies, businesses, and citizens – just occurred.  Did it come from Russia or China?  Source codes are deceptive. Russia is an avid hacker, and China’s hacks are devastating.  The point, however, is not who – but how? At a certain point, you stop bailing and seal the hole.  Time is now to batten down digital hatches.

If we are capable of initiating hacks, we should be capable of defending against them.  If we are capable of cyber-force, we should be capable of cyber-counterforce.  On the public record, we know Cyber Command has been busy, on everything from hack tracking to mocking memes since it became a unified combat command in 2018.

But still, we are hacked.  China has been a particularly virulent hacker – as it is increasingly virulent in other areas, from maritime and space militarization to bioweapons and penetrating US universities, foundations and businesses, and from sending “honey pots” for Democrat mayors and congressmen to coopting the WTO and WHO and bio-engineering bat viruses that suddenly go global. See, e.g., https://intpolicydigest.org/2020/02/24/china-s-influence-in-multilateral-organizations-and-covid-19/; https://thehill.com/opinion/international/520328-countering-chinese-influence-in-multinational-organizations; https://www.foxnews.com/politics/how-china-has-built-its-extensive-honey-trap-spy-network; and https://www.foxnews.com/politics/pompeo-chinese-threat-us-colleges-beijing.

On the numbers, if Russia, Iran, and North Korea are prolific hackers, China takes the prize.  In China’s 2015 attack on Anthem and the Office of Personnel Management (OPM), that Communist nation stole 78.8 million medical records from Americans and 21.5 million (highly sensitive) personnel records on current and former US personnel, including SF-86 clearance documents – perfect for blackmail.

China’s appetite for stealing US data – military, intelligence, civilian agencies, private sector, educational, political, economic, space, science, technology, medical, nuclear – seems insatiable.  The pace of hacks – and their adverse impact – has only grown since 2015.

In 2017, Chinese hackers breached US credit-reporting company Equifax, stealing Social Security data from 145 million Americans – more than half the adult population.  China was charged by Trump in February 2020.  See, e.g.,  https://www.fbi.gov/news/stories/chinese-hackers-charged-in-equifax-breach-021020.

In 2006, China began perfecting the art of hacking small US companies, colleges, foundations, and individuals, as a means of disguising what become larger hacks, penetrating those affiliated, digitally integrated, or simply unsuspecting.  See, e.g., https://www.huffpost.com/entry/chinese-hacking-small-businesses_n_3868981.

China’s military is pioneering aggressive cyberespionage tools, including backdoors like the Aria-body tool, which takes control of victim networks.  As one expert notes, China is adroit at “locating and collecting specific documents … but also extracting data from removable drives, taking screenshots and keylogging … harvesting stolen data for espionage,” evading detection and compromising sensitive servers.  Net-net, China’s cyberattacks are sophisticated, growing, and debilitating.  See, e.g., https://research.checkpoint.com/2020/naikon-apt-cyber-espionage-reloaded/; https://www.nytimes.com/2020/05/07/world/asia/china-hacking-military-aria.html?action=click&module=News&pgtype=Homepage; and https://www.news.com.au/technology/online/hacking/us-reportedly-uncovered-secret-base-of-chinas-hacking-operations/news-story/30c37affa60834d2b1398b7fa0dc8470.

Trump indicted China again, in September 2020, for breaking into 100 US agencies and businesses – this after China was identified as hacking US universities, research hospitals, and foundations for data ranging from weapons programs to vaccine research on COVID-19.  As then Deputy AG Jeff Rosen noted: “The Chinese Government has made a deliberate choice to allow its citizens to commit computer intrusions and attacks… because these actors will also help the P.R.C.”  See, e.g. https://www.nytimes.com/2020/09/16/us/politics/china-hackers.html.

The past decade has been rife with theft, manipulation, contamination, destruction, and digital blackmail – some private, much state-sponsored, a substantial share of it Chinese.  If this does not scare us into affirmative action, particularly as it compromises classified information, programs, and weapons, one is hard-pressed to imagine what would scare us – short of a nuclear strike.  See, e.g., https://www.zdnet.com/article/a-decade-of-hacking-the-most-notable-cyber-security-events-of-the-2010s/.

Return to “go” – the most recent, possibly largest attack ever, that just occurred.  We are learning new impacts daily, as if a giant rock just fell into our small pond.  Ripples radiate outward, concentric circles of theft, infection, manipulation, and more destruction of data.  When will we learn?

Some attribute the attack to Russian source codes, others suspect China.  Game theory keeps you guessing.  They know … that you know … that they know … that you know … that they know … and so they act to make you wonder – who did what, when, with what motivation?  Just like Russian nesting dolls – only, as history teaches, nesting dolls actually originated in China.  Interesting, eh?  See https://blogs.transparent.com/polish/so-whats-the-story-behind-nesting-dolls/.

This returns us to one central point.  Just as we can wonder whether a particular adversary will launch a long-range missile toward us, the real question is – can we defend against such missiles, launched from anywhere?  That should be the goal – knock it down, regardless of origin.

In cyberespionage, questions and answers are similar.  Wise guys argue: Russia or China?  Truth is, it does not matter; they are both adversaries.  The question is how to get ahead, stay ahead, prevent the NEXT hack.  At a certain point, you stop bailing, and seal the hole.  Storms come and go.  What we need now is to batten down the digital hatches.

URL : https://amac.us/newsline/society/massive-hack-when-will-we-learn/