The United States accuses China’s government and military of targeting its government computers as part of a cyber espionage campaign, a US report on China says.
Intrusions were focused on collecting intelligence on US diplomatic, economic and defense sectors which could benefit China’s own defense programme, the report says.
This is the first time the Pentagon’s annual report has directly linked such attacks to the Beijing government.
China called the report “groundless”, saying it represented “US distrust”.
A report from state news agency Xinhua cited Sr. Col Wang Xinjun, a People’s Liberation Army (PLA) researcher, describing the report as “irresponsible and harmful to the mutual trust between the two countries”.
Both China and the US were victims of cybercrimes and should work together to tackle the problems, the agency quoted him as saying.
The Pentagon report also criticizes a “lack of transparency” in China’s military modernization programme and defense spending.
“In 2012, numerous computer systems around the world, including those owned by the US government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military,” the report from the US Department of Defense said.
Pentagon’s annual report has directly linked cyber attacks on US government computers to the Beijing government
The attacks were focused on “exfiltrating information” that “could potentially be used to benefit China’s defense industry, high technology industries… and military planners,” it said.
It added that this was particularly concerning because the “skills required for these intrusions are similar to those necessary to conduct computer network attacks”.
While China has long been suspected of a role in cyber attacks, the US has generally avoided publicly attributing attacks to the Chinese government, or confirming that US government computers have been targeted.
But the issue has come under increased scrutiny in recent months.
In February, US cyber security firm Mandiant said that it had linked hundreds of data breaches since 2004 to a Chinese hacking team traced to the site of a military unit in Shanghai.
China called the Mandiant report flawed, and said it was opposed to cyber-crime.
The report also analyses China’s progress in modernizing its military and says that a “lack of transparency” about its military capabilities has heightened regional tensions.
China announced in March that its annual defense budget was $114 billion, an increase of 10.4%.
However, the Pentagon estimated that China’s total military expenditure in 2012 was higher, between $135 billion and $215 billion.
China launched its first aircraft carrier in 2012, and is also investing in ballistic missiles, counter-space weapons and military cyberspace systems, the report said.
Defense Department official David Helvey said that while none of the individual weapons systems were an issue, the “integration and overlapping nature” of the systems left the department “concerned”.
They could boost China’s ability to restrict access to, and military operations in, the Western Pacific, he said.
David Helvey said the report also found that China had “increased assertiveness with respect to its maritime territorial claims” over the past year.
China has territorial disputes with many of its neighbors, including in both the South China Sea and East China Sea.
FBI has warned that hundreds of thousands of people worldwide could lose access to the internet by July following a hackers’ scam – and they don’t even know it.
Unknown to most of them, their problem began when international hackers ran an online advertising scam to take control of infected computers around the world.
In a highly unusual response, the FBI set up a safety net months ago using government computers to prevent Internet disruptions for those infected users. But that system is to be shut down.
Now, the FBI is encouraging users to visit a website run by its security partner that will inform them whether they’re infected and explain how to fix the problem. After July 9, infected users won’t be able to connect to the Internet.
Most victims don’t even know their computers have been infected, although the malicious software probably has slowed their web surfing and disabled their antivirus software, making their machines more vulnerable to other problems.
Last November, the FBI and other authorities were preparing to take down a hacker ring that had been running an Internet ad scam on a massive network of infected computers.
Tom Grasso, an FBI supervisory special agent, said: “We started to realize that we might have a little bit of a problem on our hands because … if we just pulled the plug on their criminal infrastructure and threw everybody in jail, the victims of this were going to be without Internet service.
“The average user would open up Internet Explorer and get `page not found’ and think the Internet is broken.”
FBI has warned that hundreds of thousands of people worldwide could lose access to the internet by July following a hackers' scam
On the night of the arrests, the agency brought in Paul Vixie, chairman and founder of Internet Systems Consortium, to install two Internet servers to take the place of the truckload of impounded rogue servers that infected computers were using.
Federal officials planned to keep their servers online until March, giving everyone opportunity to clean their computers. But it wasn’t enough time. A federal judge in New York extended the deadline until July.
Tom Grasso added: “The full court press is on to get people to address this problem.”
Hackers infected a network of probably more than 570,000 computers worldwide.
They took advantage of vulnerabilities in the Microsoft Windows operating system to install malicious software on the victim computers. This turned off antivirus updates and changed the way the computers reconcile website addresses behind the scenes on the Internet’s domain name system.
The DNS system is a network of servers that translates a web address – such as www.ap.org – into the numerical addresses that computers use. Victim computers were reprogrammed to use rogue DNS servers owned by the attackers. This allowed the attackers to redirect computers to fraudulent versions of any website.
The hackers earned profits from advertisements that appeared on websites that victims were tricked into visiting.
The scam netted the hackers at least $14 million, according to the FBI. It also made thousands of computers reliant on the rogue servers for their Internet browsing.
When the FBI and others arrested six Estonians last November, the agency replaced the rogue servers with Vixie’s clean ones. Installing and running the two substitute servers for eight months is costing the federal government about $87,000.
FBI officials said they had taken the unusual step of organizing a system to avoid any appearance of government intrusion into the Internet or private computers. And while this is the first time the FBI used it, it won’t be the last.
Eric Strom, the FBI’s Cyber Division unit chief, said: “This is the future of what we will be doing.
“Until there is a change in legal system, both inside and outside the United States, to get up to speed with the cyber problem, we will have to go down these paths, trail-blazing if you will, on these types of investigations.”
Now, he said, every time the agency gets near the end of a cyber case, “we get to the point where we say, how are we going to do this, how are we going to clean the system” without creating a bigger mess than before.