
Chinese Hack Attack!


Just when you thought it was safe to go back to the Internet, a news story breaks about how foreign governments are now hacking U.S. companies, even going after their employees’ computers.  This time it wasn’t inspired by teenage pranksters on the prowl.  Nor was it the Russian mob trying to break into financial institutions once again.  No, this time the culprits were state-sponsored hackers who wore military uniforms and lived in military barracks.  What I’m talking about is the latest hack attack by the Chinese People’s Liberation Army, which came to national attention on Monday, March 11, when Tom Donilon, President Obama’s national security adviser, stated in a speech in New York City:

“Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyberintrusions emanating from China on an unprecedented scale. The international community cannot tolerate such activity from any country.”

This is Not News to Our Government!

While this may have been news to the masses, to those in the know this public revelation was nothing new.  Everyone in the administration, from the Department of Defense to Congress, has for some time been portraying China as a menace to both national security and business interests, which have been methodically stripped of intellectual property in a series of overt attacks that top U.S. officials admitted posed a greater potential threat than Al Qaeda.

In a quote from the LA Times, “Mandiant Corp., a U.S. computer security firm based in Alexandria, Va., said in a report last month that it had traced an epidemic of attacks on dozens of U.S. and Canadian companies to an office building in Shanghai occupied by an espionage unit of the People's Liberation Army.”

A comprehensive NY Times report states that the paper was hacked by the Chinese government in an attempt to find a "Deep Throat" source in China who was passing information about China's current prime minister. Earlier this year the "New York Times" published an exposé about how relatives of Wen Jiabao had accumulated a fortune worth several billion dollars.

What makes this hacking unusual is that, unlike hackers who get a vicarious thrill from penetrating computer networks, many of the Chinese hackers are conscripts who are forced to work long hours for low pay.  This has caused several disaffected hackers to post blogs lamenting the conditions under which they work.  It has also led Mandiant and reporters to track down the nexus of hacking activity to an office building in Shanghai occupied by an espionage unit of the People’s Liberation Army.

“Richard Bejtlich, Mandiant's security chief, said posts written by the blogger, who called himself "Rocy Bird," provided the most detailed first-person account known to date of life inside the hacking establishment. The hacker, whose real family name is Wang, posted some 625 entries between 2006 and 2009. "Fate has made me feel that I am imprisoned," he wrote in his first entry on "I want to escape."
Los Angeles Times reporters tracked down Wang and his blog through an email address that was listed in a published 2006 paper about hacking. A coauthor of the paper was Mei Qiang, identified by Mandiant as a key hacker who operated under the alias "Super Hard" in Unit 61398.  One of many Chinese military units linked to hacking, Unit 61398 falls under the People's Liberation Army's General Staff 3rd Department, 2nd Bureau, which is roughly equivalent to the U.S. National Security Agency.” 

This is Not Your Geeky Brother's Hack Attack

What makes this current iteration of hacking so troubling is its sheer scope.  Where most hacking collectives specialize in homing in on certain high-value targets, Unit 61398 has been implicated in attacks on hundreds of American companies, including cyber security firms and government defense contractors.  They have also purportedly gained access to the networks of a company that helps in the operation of the US utility grid.

More troubling: This is only the tip of the cyber espionage iceberg.  How far have these hackers gotten?  A recent article by the "Washington Post" states: “Start asking security experts which powerful Washington institutions have been penetrated by Chinese cyberspies,” report my colleagues Craig Timberg and Ellen Nakashima, “and this is the usual answer: almost all of them.”

Known Targets are a Who's Who of Players

Known targets have included everything from Washington law firms, news organizations and think tanks, to the Federal Reserve, embassies, congressional offices and even the White House.  The attacks have become so widespread and commonplace that it has led some to lament that, “If you aren’t being hacked by the Chinese, then you probably don’t matter.”

What’s more troubling is the lack of response from the federal government to these overt attacks.  A March 3rd article in the "New York Times" points out: “No one in the administration argues that the United States should respond with cyber- or physical retaliation for the theft of secrets. Attorney General Eric H. Holder Jr. has made clear that would be dealt with in criminal courts, though the prosecutions of cybertheft by foreign sources have been few.”

While some have tried to get the government involved in the defense of private corporate networks, some of which control everything from the Internet and cellphone networks to financial institutions, the administration has been busy trying to put the onus on private industry.

“We are in a race against time,” Michael Chertoff, the former secretary of homeland security, said last week. “Most of the infrastructure is in private hands. The government is not going to be able to manage this like the air traffic control system. We’re going to have to enlist a large number of independent actors.”

That this trend is a growing menace is all too clear. The potential for a technological Pearl Harbor is an all too real and present danger.  When you consider there are no fewer than a dozen countries, including Iran, that are developing offensive cyberweapons designed to cause catastrophic failure in key elements of the US infrastructure, most cyber security experts agree that time is not on our side.


Since 1995, Carl Weiss has been helping clients succeed online.  He owns and operates several online marketing businesses, including Working the Web to Win and Jacksonville Video Production. He also co-hosts the weekly radio show, "Working the Web to Win," every Tuesday at 4 p.m. Eastern on
