A Hong Kong news outlet unveiled explosive new hacking accusations against the US on Saturday morning, citing information shared with the outlet by NSA leaker Edward Snowden.
From the South China Morning Post:
Snowden, who celebrated his 30th birthday on Friday as the US government made public their plan to indict him under the Espionage Act of – has divulged information to the Post which showed how computers in the SAR and on the mainland had been targeted by the NSA over a four-year period.
Now, after further scrutiny and clarification of that information, we can reveal more explosive details of the US cyber-spying operation against in Hong Kong, the mainland and the region.
Documents seen by the Post and statements by Snowden show that Washington’s cyber-spying programme carried out:
- Extensive hacking of major telecommunication companies in China to access text messages
- Sustained attacks on network backbones at Tsinghua University, China’s premier seat of learning.
- Hacking of computers at the Hong Kong headquarters of Pacnet, which owns one of the most extensive fibre optic submarine cable networks in the region
Another article in this morning’s Post quotes Snowden:
“There’s far more than this,” Snowden said in an interview on June 12. “The NSA does all kinds of things like hack Chinese cell phone companies to steal all of your SMS data.”
In his prior revelations that the US had been conducting cyberattacks on Hong Kong targets, Snowden told the South China Morning Post, “I don’t know what specific information they [the NSA] were looking for on these machines, only that using technical exploits to gain unauthorised access to civilian machines is a violation of law. It’s ethically dubious.”
Setting aside for the moment how one views Snowden or his actions, what has been missing from his revelations regarding the US’ cyberattacks against China and Hong Kong is context.
The truth is, China has been known to attack US targets , including media outlets, private companies and government entities. And in at least one high profile incident, Chinese hackers used US universities in an attempt to avoid detection.
China’s Cyberattacks on US Targets
In January 2013, the NY Times revealed that it had been infiltrated by Chinese hackers over a period of four months. Reporters and other employees at the outlet also had their passwords compromised in the incident. As the NY Times pointed out, the timing of that attack coincided with an investigative report it had done about China’s Prime Minister Wen Jiabao.
From the NY Times:
The timing of the attacks coincided with the reporting for a Times investigation, published online on Oct. 25, that found that the relatives of Wen Jiabao, China’s prime minister, had accumulated a fortune worth several billion dollars through business dealings.
Security experts hired by The Times to detect and block the computer attacks gathered digital evidence that Chinese hackers, using methods that some consultants have associated with the Chinese military in the past, breached The Times’s network. They broke into the e-mail accounts of its Shanghai bureau chief, David Barboza, who wrote the reports on Mr. Wen’s relatives, and Jim Yardley, The Times’s South Asia bureau chief in India, who previously worked as bureau chief in Beijing.
In the NY Times attack, Chinese hackers routed their activities through US university computer systems to try and evade cybersecurity investigators.
As I covered in a previous post at Legal Insurrection, recent reports have exposed numerous other cyberattacks perpetrated by Chinese hackers against various US targets.
A report released by the Pentagon in May was more direct in its accusations against China, according to the Wall Street Journal.
While American officials have long charged that China is a top perpetrator of cyberespionage, a new Pentagon report goes a step further, blaming some cyberintrusions directly on the government and its military.
The report also outlined Chinese investments in new Navy ships, advanced fighter planes and so-called anti-access military systems—those aimed at keeping ships and other forces out of an area. The report said China’s cyberespionage was designed to benefit China’s defense and technology industry and to gain insight into U.S. policy makers’ thinking on China.
“China is using its computer network exploitation capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs,” according to the report, an annual assessment prepared at the direction of Congress.
That report also detailed that Chinese hackers had gained access to the designs of more than two dozen major U.S. weapons systems, which included “those for combat aircraft and ships, as well as missile defenses vital for Europe, Asia and the Gulf,” according to NBC News. An earlier report from private security company Mandiant also identified intrusions and theft of documents from over 100 companies, most of them in the US, perpetrated by China’s People’s Liberation Army. Those incidents were confirmed by US officials.
That information came on the heels of the discovery that faculty members at Shanghai Jiaotong University in China had been collaborating for years with a People’s Liberation Army unit on technical research papers.
Details, and Snowden’s Future, Still Remain Unclear
It’s unclear why the US has selected the targets it has in pursuing foreign intelligence and fighting off China’s cyberattacks; the suspicion is that such information would likely provide even more context to a complex situation that isn’t always so black and white.
We also don’t know yet exactly what Snowden has shared with foreign contacts, and whether or not that contact has been limited to the press, other than what has been reported in his own words. There has been heated debate on both sides as to whether or not it has caused the US harm to our national security, and I’m sure that debate will continue. But it’s impossible to determine with any certainty without knowing all the details related to the investigation into the matter.
However, I do think that it’s important for both sides of the story to be presented in order to discuss the full context of cyber activities between the US and China.
A separate high profile debate that Snowden’s earliest revelations triggered of course was that of the NSA’s domestic surveillance policies – a debate that no doubt has been long overdue.
Snowden was formally charged by the US on Friday with espionage, theft and conversion of government property. While Hong Kong has so far been silent on the issue, the White House says it expects that Hong Kong will comply with extradition.
Meanwhile, public opposition to Snowden’s extradition is building in Hong Kong.DONATE
Donations tax deductible
to the full extent allowed by law.