China Now Accounts for One-Third of Cyberattacks

 @mflorcruzm.florcruz@ibtimes.com on January 23 2013 3:05 PM
Chinese Hacking
China's cyberespionage entity known as APT-12 seems to be behind the attack on the New York Times. What else do we know about APT-12? Reuters

 

Though the story of computer network attacks by Communist spies sounds like a plot line from a Hollywood action film, a new report has found that one-third of cyberattacks actually originate in China.

According to Akamai Technologies (NASDAQ: AKAM), a digital technology platform developer, China accounted for 33 percent of cyberattack traffic all over the world during the third quarter of 2012, taking the top spot. China was the No. 1 source of cyberattacks in the previous quarter as well, but doubled its percentage of attacks.

Following China is the U.S., accounting for 13 percent of cyberattacks in Q3 2012, and Russia, with 4.7 percent. Both percentages changed little from the previous quarter, with a 1 percent increase for the U.S. and a 1.6 percent decrease for Russia.

The surge of cyberattacks coming from China since 2011 is not really surprising, considering its history of corporate espionage through network attacks.

Last year, Bloomberg reported on a boom of Chinese corporate espionage. Though not all cyberattacks coming from China are necessarily on corporations, nor do they always mean to spy, there have been several publicized cases of Chinese citizens being accused of spying on U.S. companies.

In 2010, Google (NASDAQ: GOOG) accused China of executing an attack against the company’s internal network. According to Wired.com, the hackers were seeking source codes from not only Google, but Adobe and several other companies. According to Dmitri Alperovitch, vice president of threat research for antivirus and Internet security company McAfee, that attack was unprecedented.

“We have never ever, outside of the defense industry, seen commercial industrial companies come under that level of sophisticated attack,” he said. “It’s totally changing the threat model.”

Not all Chinese breaches are in the form of Internet-based attacks. In 2011, a growing wind turbine company in China, Sinovel, abruptly stopped using its U.S.-based turbine-controller software provider, American Superconductor (NASDAQ:AMSC). This was a surprise to the U.S. company, but what had happened did not become apparent until an investigation into a software glitch with a Sinovel turbine in the Gobi desert revealed that Sinovel was using a stolen version of AMSC software. Perhaps more damaging, Sinovel now had access to AMSC’s proprietary source code. Sinovel was caught red-handed, but others, like the Google hackers, are more successful.

Last year, Aviation Week wrote about Chinese spies allegedly hacking into secure conference calls at Lockheed Martin (NYSE:LMT), one of the largest U.S. defense contractors, and stealing information about communication and antenna systems for the ultra-advanced, stealthy F-35 jets. As a result, Lockheed Martin was forced to redesign the parts after the discovery that they had been compromised, setting back production.

China’s cyberattack capabilities are definitely not underestimated by its global competitors. The data from Akamai confirms the U.S. government’s often-mentioned assumption that China is the most threatening force in cyberspace for American interests. According to a report by Bloomberg News, the U.S.-China Economic and Security Review Commission believes “China’s persistence, combined with notable advancements in exploitation activities over the past year, poses growing challenges to information systems and their users.”

And James Clapper, U.S. Director of National Intelligence, was quoted by the BBC describing China’s cyberwarfare advancement as a “formidable concern.”

Join the Discussion