- By Josh Rogin
Josh Rogin covers national security and foreign policy and writes the daily Web column The Cable. His column appears bi-weekly in the print edition of The Washington Post. He can be reached for comments or tips at email@example.com.
Previously, Josh covered defense and foreign policy as a staff writer for Congressional Quarterly, writing extensively on Iraq, Afghanistan, Guantánamo Bay, U.S.-Asia relations, defense budgeting and appropriations, and the defense lobbying and contracting industries. Prior to that, he covered military modernization, cyber warfare, space, and missile defense for Federal Computer Week Magazine. He has also served as Pentagon Staff Reporter for the Asahi Shimbun, Japan's leading daily newspaper, in its Washington, D.C., bureau, where he reported on U.S.-Japan relations, Chinese military modernization, the North Korean nuclear crisis, and more.
A graduate of George Washington University's Elliott School of International Affairs, Josh lived in Yokohama, Japan, and studied at Tokyo's Sophia University. He speaks conversational Japanese and has reported from the region. He has also worked at the House International Relations Committee, the Embassy of Japan, and the Brookings Institution.
Josh's reporting has been featured on CNN, MSNBC, C-Span, CBS, ABC, NPR, WTOP, and several other outlets. He was a 2008-2009 National Press Foundation's Paul Miller Washington Reporting Fellow, 2009 military reporting fellow with the Knight Center for Specialized Journalism and the 2011 recipient of the InterAction Award for Excellence in International Reporting. He hails from Philadelphia and lives in Washington, D.C.
With all about the chatter about China’s hacking of Google and Secretary of State Hillary Clinton’s drive to deliver “consequences” to bad actors in cyberspace, it’s worth noting that the problem of cyber attacks either promulgated or supported by the Chinese government is far from new.
In a previous life, your Cable guy broke a story that revealed senior military officials believe the Chinese government is supporting hackers that attack “anything and everything” in the U.S. national security infrastructure on a constant basis. And while it’s difficult to prove guilt, the scale, organization, and intent of the attacks leads experts and officials alike to one sponsor: the Chinese government.
The Defense Department has said that the Chinese government, in addition to employing thousands of its own hackers, manages massive teams of experts from academia and industry in “cyber militias” that act in Chinese national interests with unclear amounts of support and direction from China’s People’s Liberation Army (PLA).
According to SANS Institute research director Alan Paller, “The problem is 1,000 times worse than what we see.” But the tip of the iceberg is still large. Here are some of the most damaging attacks on the U.S. government that have been attributed to Chinese government sponsorship or endorsement over the past few years:
1) Titan Rain
In 2004, an analyst named Shawn Carpenter at Sandia National Laboratories traced the origins of a massive cyber espionage ring back to a team of government sponsored researchers in Guangdong Province in China. The hackers, code named by the FBI “Titan Rain,” stole massive amounts of information from military labs, NASA, the World Bank, and others. Rather than being rewarded, Carpenter was fired and investigated after revealing his findings to the FBI, because hacking foreign computers is illegal under U.S. law. He later sued and was awarded more than $3 million. The FBI renamed Titan Rain and classified the new name. The group is still assumed to be operating.
2) State Department’s East Asia Bureau
In July 2006, the State Department admitted it had become a victim of cyber hacking after an official in “East Asia” accidentally opened an email he shouldn’t have. The attackers worked their way around the system, breaking into computers at U.S. embassies all over the region and then eventually penetrating systems in Washington as well.
3) Offices of Rep. Frank Wolf
Wolf has been one of the most outspoken lawmakers on Chinese human rights issues, so it was of little surprise when he announced that in August 2006 that his office computers had been compromised and that he suspected the Chinese government. Wolf also reported that similar attacks had compromised the systems of several other congressmen and the office of the House Foreign Affairs Committee.
4) Commerce Department
The Commerce Department’s Bureau of Industry and Security had to throw away all of its computers in October 2006, paralyzing the bureau for more than a month due to targeted attacks originating from China. BIS is where export licenses for technology items to countries like China are issued.
5) Naval War College
In December 2006, the Naval War College in Rhode Island had to take all of its computer systems offline for weeks following a major cyber attack. One professor at the school told his students that the Chinese had brought down the system. The Naval War College is where much military strategy against China is developed.
6) Commerce Secretary Carlos Gutierrez and the 2003 blackout?
A National Journal article revealed that spying software meant to clandestinely steal personal data was found on the devices of then Commerce Secretary Carlos Gutierrez and several other officials following a trade mission to China in December 2007. That same article reported that intelligence officials traced the causes of the massive 2003 northeast blackout back to the PLA, but some analysts question the connection.
7) McCain and Obama presidential campaigns
That’s right, both the campaigns of then Senators Barack Obama and John McCain were completely invaded by cyber spies in August 2008. The Secret Service forced all campaign senior staff to replace their Blackberries and laptops. The hackers were looking for policy data as a way to predict the positions of the future winner. Senior campaign staffers have acknowledged that the Chinese government contacted one campaign and referred to information that could only have been gained from the theft.
8) Office of Sen. Bill Nelson, D-FL
At a March 2009 hearing, Nelson revealed that his office computers had been hacked three separate times and his aide confirmed that the attacks had been traced back to China. The targets of the attacks were Nelson’s foreign-policy aide, his legislative director, and a former NASA advisor.
In March, 2009, researchers inToronto concluded a 10-month investigation that revealed a massive cyber espionage ring they called Ghostnet that had penetrated more than 1,200 systems in 103 countries. The victims were foreign embassies, NGOs, news media institutions, foreign affairs ministries, and international organizations. Almost all Tibet-related organizations had been compromised, including the offices of the Dalai Lama. The attacks used Chinese malware and came from Beijing.
10) Lockheed Martin’s F-35 program
In April, 2009, the Wall Street Journal reported that China was suspected of being behind a major theft of data from Lockheed Martin’s F-35 fighter program, the most advanced airplane ever designed. Multiple infiltrations of the F-35 program apparently went on for years.