China is accused of five-year hacking campaign
CHINA has been accused of mounting a five-year hacking operation that stole industrial and national secrets on an unprecedented scale after an investigation by an internet-security company.
More than 70 organisations -- including the United Nations, the International Olympic Committee (IOC) and defence contractors for both Britain and the United States -- were said to have been victims of the attack, which was the work of a single "state actor".
McAfee, an internet-security company, stopped short of naming China, but independent experts said the choice of targets -- such as the Olympic Committee before the 2008 games -- suggested that Beijing was the most likely culprit.
"Everything points to China," said James Lewis, a cyber-security expert at the Centre for Strategic and International Studies in Washington, who was briefed on the report.
He continued: "You can think of at least three other large programmes attributed to China that look very similar. It's a pattern of activity that we've seen before."
The victims of the attacks were all tracked to a single computer server, said McAfee's 14-page report. It added that some networks, including that of the UN secretariat in Geneva, had been penetrated for two years by the malicious software.
"Even we were surprised by the enormous diversity of the victim organisations and were taken aback by the audacity of the perpetrators," wrote Dmitri Alperovitch, McAfee's vice-president of threat research.
"Companies and government agencies are getting raped and pillaged every day, losing economic advantage and national secrets to unscrupulous competitors. This is the biggest transfer of wealth in terms of intellectual property in history."
It was unclear for what purpose the stolen data had been used. Other targets included data on US military systems and satellite communications.
As well as the governments of the US, Taiwan, India, South Korea, Vietnam and Canada, other targets included the Association of Southeast Asian Nations, the World Anti-Doping Agency and an array of companies.
However, other experts have warned against rushing to accuse China. Beijing routinely denies being behind such attacks, attributing them to independent actors in China or other countries using China as a smokescreen for their own activities.
The report was released to coincide with the start of the Black Hat and Defcon conferences in Las Vegas, at which security expert and hackers will discuss the growing threat of cyber intrusions.
Earlier this year, Obama administration officials called for the Geneva and Hague conventions governing the conduct of wars to be adapted to reflect the possibility of cyber attacks on civilian installations.
American security chiefs are openly moving to strengthen the US's ability to deal with cyber attacks, with the departments of Defence, Homeland Security and several other federal agencies openly recruiting in Las Vegas.
The National Security Agency (NSA) was among those hoping to find future agents among the computer enthusiasts at the Defcon conference.
"Today it's cyber warriors that we are looking for, not rocket scientists," said Richard George, technical director of the NSA's information assurance directorate, its cyber-defence arm.
He added: "That's the race that we're in today. And we need the best and brightest to be ready to take on this cyber-warrior status." (© Daily Telegraph, London)