Most China-based hacking carried out by ’select few’

By | December 12, 2011, 10:44am PST

 

Summary: Security analysts and experts suggest only a small number of groups in China are responsible for high-profile cyberattacks on U.S. targets.

U.S. cybersecurity analysts believe that as few as 12 different Chinese groups could be responsible for the majority of cyberattacks on the United States.

Experts suggest that this ’select’ set of hacking groups may be backed, or directed by the Chinese government itself.

The theories understand that these groups are given ‘orders’ to go after specific companies or technologies — and that sometimes they even compete with one another.

There have been several intrusions traced back to Beijing, but there was insufficient proof to confirm these fears.

U.S. officials are nevertheless reluctant to make any links without concrete evidence.

There have been several high profile cyberattacks linked back to China in the past few years. Operation Aurora famously targeted Google and several other organisations between 2009 and 2010, which eventually led to Google’s withdrawal from China.

Although it would be largely impossible and politically inflammatory for the U.S. to prosecute hackers in China, some are urging the U.S. government to take a stronger stand against the potential threat.

Jon Ramsey, Dell SecureWorks’ counter-threat chief said: “There is not deterrent not to attack the U.S.”, adding that the government “needs to do more to increase the risk.”

“Industry is already feeling that they are at war,” James Cartwright, former vice-chairman of the Joint Chiefs of Staff said. “Right now we have the worst of worlds. If you want to attack me you can do it all you want, because I can’t do anything about it.”

Many companies are feeling frustrated that the U.S. government is not putting enough pressure on China to stop attacks. With counterfeit products, from fake iPhones to fake PlayStation Vita’s appearing in China, it is no wonder that businesses feel as though their intellectual property is being attacked.

China has rejected allegations of cyber-spying, stating that it is also the victim of attacks, and without any solid evidence it would be extremely difficult to prove any allegations at all.

The analysts however suggest that they are able to trace attacks back to Chinese hackers through digital fingerprints left by the attacks. It may be that evidence will be found to directly trace the alleged hackers, strengthening the U.S. government’s case further.


© 2011 CBS Interactive. All rights reserved.  http://www.zdnet.com