Tuesday 12 March, 2013
In February 2013, it was found that Chinese hackers were gathering information about the United States infrastructure. This included information related to power plants, oil refineries, water treatment facilities, chemical factories, air traffic control and some private companies that deal in transportation and other infrastructure-related services.
The report of the attacks came from a security firm called Mandiant, which says the attacks came from the Chinese military. The attacks appear to have come from the same source as the December 2012 attacks against Telvent Canada, a company that makes electrical equipment and monitors more than half of North America’s oil pipelines.
Upon further inspection, US intelligence identified the exact building from which the attacks came. On the outskirts of Shanghai, it’s the home of the Chinese military’s cyber warfare unit, called the People’s Liberation Army Unit 61398.
We know where the attacks came from, but what isn’t clear is why. Are they gathering information so that they can shut down the country’s infrastructure in a war situation? Are they gathering information to help in building up their own infrastructure? Or are they just trolling and seeing what information they can gather, in much the same way US intelligence has always collected data on other countries?
The Chinese government denies the allegations. However, as Kevin Mandia, founder and chief executive of Mandiant, said, ‘Either they are coming from inside Unit 61398 or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.’
The Chinese threat is scary, but there could be worse threats. A classified document called the National Intelligence Estimate, which has not yet been officially published, points out that there are a number of countries that could benefit from the ability to effectively shut down the United States, including Iran. Unlike China, Iran has no financial investments in the US.
The Department of Homeland Security reports that from October 2011 to February 2012, there were 86 attacks on US infrastructure. This is up from 11 the previous year. No damage resulted from the attacks, but the increase illustrates that cyber-attacks are a growing threat.
If even a small part of the United States infrastructure were taken down for only a few days, the effects could be devastating. It would cause financial instability and nationwide panic but, even worse, it may lead to serious danger and loss of life.
The news of the Chinese attacks has led to serious talk of ramping up the nation’s security. Lawmakers are pressuring President Obama to pass advanced legislation to prevent a breach. However, this would require a great deal of money from both the government and the private sector.
There are only two countries that have ever breached another’s infrastructure, the United States and Israel. The full report from Mandiant can be found here.