It’s been almost a year since The New York Times, working with cybersecurity firm Mandiant, outed the Chinese military for being behind an ongoing series of hacking attacks aimed at the United States. Articles were written. Meetings were held. Defence budgets was boosted. Did it stop the hackers? Not a chance.
The US-China Economic and Security Commission just admitted in a draft report that the public shaming only served to quell the attacks for a short amount of time. The report says that the unit of the People’s Liberation Army responsible for the hacking chilled out for about a month after the bad press, but it has since ramped its attacks back up to previous levels. “From what we can tell, they are still stealing the same type of data from the same industries,” Mandiant spokeswoman Susan Helmick told Reuters. “The focus appears to be the same but the methods and malware, they had to shift.”
Well, that’s swell. You give the Pentagon’s burgeoning cybersecurity force a clear target to aim at, and they miss for 10 months straight. Or at least that’s how it seems.
To be honest, it’s hard to tell if the resilience of the Chinese hackers should be attributed more to the PLA’s capabilities or to the incompetence of the United States. It’s become glaringly obvious in recent months that these Chinese hackers know what they’re doing. They’ve managed to steal sensitive US weapon design files and they even hacked the president. More ominously, they appear to be multiplying now with mercenary groups popping up all over the place and going after US networks.
But the US is trying! Trying so hard to figure out how to stop the attacks without soiling Sino-American relations. A Wall Street Journal report over the summer explained in knuckle-biting detail how government agencies are mobilising against the Chinese hackers and working with internet service providers to block the cyberspying. Even then, however, officials admitted the relative futility of their efforts. “Part of the problem is we can close this door and it’s fairly easy for them to open another door,” one official told The Journal.
So the doors keep swinging open. Of course, China denies any involvement in the hacking activity, despite Mandiant tracing the PLA unit to a specific building in the outskirts of Shanghai. From a diplomatic perspective, this is a tough one. On one hand, it’s Bad News Bears for the Chinese military to go snooping around our servers. It’s even worse news to launch anything that could be interpreted as an attack — cyber or otherwise — against China. Because, you know, World War III. [Reuters]