“Two former U.S. officials said the administration is preparing a new National Intelligence Estimate that, when complete, is expected to detail the cyberthreat, particularly from China, as a growing economic problem. One official said it also will cite more directly a role by the Chinese government in such espionage.
The official said the NIE, which reflects the views of the nation’s various intelligence agencies, will underscore the administration’s concerns about the threat, and will put greater weight on plans for more pointed diplomatic and trade measures against the Chinese government. The two former officials spoke on condition of anonymity because they were not authorized to discuss the classified report.”
A New York Times story on Wednesday revealed a four month assault against the company starting after a Times investigation into the billions accumulated by Chinese Prime Minister Wen Jiabao’s family during his tenure. The Times systems were compromised, with hackers obtaining all Times employee passwords and access to 53 employee personal computers. One Times journalist, John Schwartz, noted that story explained a lot of recent security measures, including random password resets.
The hackers typically worked regular Beijing hours, according to Mandiant, the security company hired by the Times to investigate, and while chief security officer Richard Bejtlich cautions “If you look at each attack in isolation, you can’t say, ‘This is the Chinese military,’” the Times analysis identifies the Chinese government as the likely culprit.
The Wall Street Journal announced it was the victim of a similar series of attacks Thursday, noting that the hackers appeared interested in sources and information, not financial details. Chinese Embassy spokesman Geng Shuang responded to the allegations made in both stories. “It is irresponsible to make such an allegation without solid proof and evidence,” he said. “The Chinese government prohibits cyberattacks and has done what it can to combat such activities in accordance with Chinese laws.”
China is not the only government suspected of backing cyberattacks against private U.S. entities; sources have alleged the Iranian government was behind a series of cyber attacks against major banks over the last several months. The U.S. has also participated in cyber-espionage — reportedly developing malware with the Israeli military used to infect Iranian nuclear facilities.
The investigation into the leak of information about the most prominent of these U.S. programs, Stuxnet, has ratcheted up recently in conjunction with the Obama administration’s aggressive prosecution of security leaks and whistle blowers. The prosecutions have ironically focused on much of the same type of targets pursued by the Chinese newspaper hackers: Journalist sources, with the FBI conducting “extensive analysis of the e-mail accounts and phone records of current and former government officials in a search for links to journalists” leading to a “chilling effect” among government worker’s willingness to talk to the press.