Everyone Hacks Everyone Else

Posted by on Feb 21, 2013 in Blog | 0 comments

Given all the hoopla about China’s hacking of Western companies and institutions, the dirty truth is that everyone hacks everyone.   Here’s an opinion piece on Tech in Asia and a report on CNBC citing a hacking expert:

China has been involved in an awful lot of hacking incidents recently, from the New York Times scandal all the way up to the recent revelations about military hackers. So I suppose that when a new hacking story comes out, it does make some sense that people would suspect China. That’s understandable.

But privately suspecting something and publicly reporting it are two very different things. On the heels of Apple’s announcement that it had also been hacked, many media outlets strongly implied that China was responsible. Others just came right out and said China was involved right in the headline. The problem with that is that it isn’t true. At all.

In fact, the hacks of Twitter, Facebook, and Apple all seem to have come from Eastern Europe, not China. As I mentioned previously, it’s not unreasonable that people think about China first when they hear a high-profile hacking story, as the country has been involved in a lot of them.

And China’s protestations that it doesn’t actively engage in hacking and other forms of cyberwarfare are patently ridiculous. Of course China is trying to hack other governments and foreign countries. But here’s the thing: everyone is trying to hack everyone all the time.

In this day and age, there is simply no way that any country big enough to have its own intelligence agency does not also have government-funded web experts looking to attain valuable intelligence through the web via any number of means, including hacking. China may be involved in more hacking than other countries, but it could also just be less good at getting away with it.

Either way, let’s all try not to jump to the conclusion that it was China the next time you hear a hacking story. Or, if you do jump to a conclusion, at least try not to print it in The Atlantic before it has actually been confirmed.

————————-

On Thursday, Taia Global’s CEO Jeffrey Carr took up for China, questioning why China is the only country that seems to be accused of cyber attacks.

“We know that many countries are engaged in these activities and yet only China ever seems to be caught, which to me, again statistically, appears to be an impossibility,” Carr, who is also a cyber security analyst, told CNBC Asia’s “Squawk Box.”

Carr attacked the report for unfairly targeting China specifically and leaving out other countries, which are known to be embroiled in cyber security espionage, including Russia, for instance.

Russia was accused of launching cyber attacks on Estonia in 2007 after a Soviet war memorial was moved in Tallinn, Estonia and was condemned by the Kremlin, the BBC reported at the time.

“They tend to focus only on China, when in fact there are many countries that engage in intellectual property theft or trade secret theft. So this unnecessarily escalates tensions between the U.S. and China when it doesn’t have to be,” he said.

Carr also launched a scathing attack on inaccurate methodology used in the Mandiant report.

“I have problems with the report. One, that they never established that the Chinese military is doing the hacking, that’s the report’s big announcement,” said Carr. “It’s the Chinese military, it’s this particular People’s Liberation Unit (PLA) unit based in Shanghai, and they never established that that is true. In order to do that they have to eliminate all other possibilities and they failed to do that,” he said.

According to Carr, Mandiant’s cited methods of using Internet Protocol (IP) addresses and strings of code to identify the location of a computer or device to source the location of the hackers are invalid and using these tools provided an “exceedingly weak piece of evidence”.

“[Using] IP geographical location is extremely unreliable. But even if you accept it as valid, it’s only geo-locating to that portion of Shanghai, which happens to have five million people. It’s a major metropolitan area and it’s a hub for financials and business. So it means nothing. Every major city in China has a PLA outpost,” he said.