Snowden affair blunts U.S. push for China to curb cyber theft
Newsletter published on 14 July 2013
(1) &
(2) Snowden: Microsoft gives NSA access to encrypted messages,
Skype
calls
(3) Snowden: secret court rulings used to "legitimize" Gov't
surveillance violating Constitution
(4) Snowden: NSA monitors China's
internet via Cisco
(5) China cyberpries stealing US intellectual
property
(6) Pentagon accuses China over cyber-espionage
(7) Chinese
military unit accused of hacking attacks
(8) Pentagon chief Chuck Hagel
accuses China of cyberattacks
(9) US weapon plans compromised by China:
report
(10) Snowden affair blunts U.S. push for China to curb cyber
theft
(11) US attempts to block Chinese Cyberspies
(1) Snowden:
Microsoft gives NSA access to encrypted messages, Skype calls
http://www.digitaljournal.com/article/354172
Edward
Snowden reveals Microsoft collaboration with the NSA
By Michael
Thomas
Jul 11, 2013
A new series of files provided by Edward
Snowden show that Microsoft
collaborated closely with the National Security
Agency to give the
agency access to Microsoft's encrypted data.
The
Guardian recently obtained top secret files that reveal just how
closely
Microsoft worked with the much-maligned NSA. Among other things,
the report
speaks of Microsoft allowing the NSA the ability to intercept
web chats;
access to Microsoft's cloud-based storage system SkyDrive;
and audio and
video recordings of conversations on Skype, the chat tool
Microsoft bought
in 2011.
The revelations come at a particularly bad time for Microsoft,
Gizmodo
reports. Just a few hours earlier on Thursday, the company announced
vast new restructuring plans. Ironically, Microsoft launched a marketing
campaign in April with the slogan "Your privacy is our priority."
In
response to the allegations, Microsoft said, "When we upgrade or
update
products we aren't absolved from the need to comply with existing
or future
lawful demands." They also insist they only provide customer
data when asked
by the government, and further, only when the data is
about a specific case
or person.
Many major technology firms in Silicon Valley are reportedly
lobbying
the government to allow them to disclose the exact nature of their
co-operation with the NSA, citing customer concern over privacy. Since
the revelation of the PRISM program, technology firms listed on NSA
documents have routinely denied any knowledge of the program's
existence. They have also said the NSA does not have any "back door"
access to their data.
Several countries have since expressed concern
over the extent of the
NSA's spying. Most recently, two French human rights
groups are suing
the NSA, as reported by Digital Journal. Various US
politicians have
defended the PRISM program, however, saying that it is
crucial to the
nation's security.
(2) Snowden: Microsoft gives NSA
access to encrypted messages, Skype calls
http://www.guardian.co.uk/world/2013/jul/11/microsoft-nsa-collaboration-user-data
How
Microsoft handed the NSA access to encrypted messages
Secret files show
scale of Silicon Valley co-operation on Prism
Outlook.com encryption unlocked
even before official launch
Skype worked to enable Prism collection of video
calls
Company says it is legally compelled to comply
Glenn Greenwald,
Ewen MacAskill, Laura Poitras, Spencer Ackerman and
Dominic Rushe
The
Guardian, Friday 12 July 2013
Microsoft has collaborated closely with US
intelligence services to
allow users' communications to be intercepted,
including helping the
National Security Agency to circumvent the company's
own encryption,
according to top-secret documents obtained by the
Guardian.
The files provided by Edward Snowden illustrate the scale of
co-operation between Silicon Valley and the intelligence agencies over
the last three years. They also shed new light on the workings of the
top-secret Prism program, which was disclosed by the Guardian and the
Washington Post last month.
The documents show that:
?
Microsoft helped the NSA to circumvent its encryption to address
concerns
that the agency would be unable to intercept web chats on the
new
Outlook.com portal;
? The agency already had pre-encryption stage access
to email on
Outlook.com, including Hotmail;
? The company worked with
the FBI this year to allow the NSA easier
access via Prism to its cloud
storage service SkyDrive, which now has
more than 250 million users
worldwide;
? Microsoft also worked with the FBI's Data Intercept Unit to
"understand" potential issues with a feature in Outlook.com that allows
users to create email aliases;
? In July last year, nine months after
Microsoft bought Skype, the NSA
boasted that a new capability had tripled
the amount of Skype video
calls being collected through Prism;
?
Material collected through Prism is routinely shared with the FBI and
CIA,
with one NSA document describing the program as a "team sport".
The
latest NSA revelations further expose the tensions between Silicon
Valley
and the Obama administration. All the major tech firms are
lobbying the
government to allow them to disclose more fully the extent
and nature of
their co-operation with the NSA to meet their customers'
privacy concerns.
Privately, tech executives are at pains to distance
themselves from claims
of collaboration and teamwork given by the NSA
documents, and insist the
process is driven by legal compulsion.
In a statement, Microsoft said:
"When we upgrade or update products we
aren't absolved from the need to
comply with existing or future lawful
demands." The company reiterated its
argument that it provides customer
data "only in response to government
demands and we only ever comply
with orders for requests about specific
accounts or identifiers".
In June, the Guardian revealed that the NSA
claimed to have "direct
access" through the Prism program to the systems of
many major internet
companies, including Microsoft, Skype, Apple, Google,
Facebook and Yahoo.
Blanket orders from the secret surveillance court
allow these
communications to be collected without an individual warrant if
the NSA
operative has a 51% belief that the target is not a US citizen and
is
not on US soil at the time. Targeting US citizens does require an
individual warrant, but the NSA is able to collect Americans'
communications without a warrant if the target is a foreign national
located overseas.
Since Prism's existence became public, Microsoft
and the other companies
listed on the NSA documents as providers have denied
all knowledge of
the program and insisted that the intelligence agencies do
not have back
doors into their systems.
Microsoft's latest marketing
campaign, launched in April, emphasizes its
commitment to privacy with the
slogan: "Your privacy is our priority."
Similarly, Skype's privacy policy
states: "Skype is committed to
respecting your privacy and the
confidentiality of your personal data,
traffic data and communications
content."
But internal NSA newsletters, marked top secret, suggest the
co-operation between the intelligence community and the companies is
deep and ongoing.
The latest documents come from the NSA's Special
Source Operations (SSO)
division, described by Snowden as the "crown jewel"
of the agency. It is
responsible for all programs aimed at US communications
systems through
corporate partnerships such as Prism.
The files show
that the NSA became concerned about the interception of
encrypted chats on
Microsoft's Outlook.com portal from the moment the
company began testing the
service in July last year.
Within five months, the documents explain,
Microsoft and the FBI had
come up with a solution that allowed the NSA to
circumvent encryption on
Outlook.com chats
A newsletter entry dated
26 December 2012 states: "MS [Microsoft],
working with the FBI, developed a
surveillance capability to deal" with
the issue. "These solutions were
successfully tested and went live 12
Dec 2012."
Two months later, in
February this year, Microsoft officially launched
the Outlook.com
portal.
Another newsletter entry stated that NSA already had
pre-encryption
access to Outlook email. "For Prism collection against
Hotmail, Live,
and Outlook.com emails will be unaffected because Prism
collects this
data prior to encryption."
Microsoft's co-operation was
not limited to Outlook.com. An entry dated
8 April 2013 describes how the
company worked "for many months" with the
FBI which acts as the liaison
between the intelligence agencies and
Silicon Valley on Prism to allow Prism
access without separate
authorization to its cloud storage service
SkyDrive.
The document describes how this access "means that analysts
will no
longer have to make a special request to SSO for this a process step
that many analysts may not have known about".
The NSA explained that
"this new capability will result in a much more
complete and timely
collection response". It continued: "This success is
the result of the FBI
working for many months with Microsoft to get this
tasking and collection
solution established."
A separate entry identified another area for
collaboration. "The FBI
Data Intercept Technology Unit (DITU) team is
working with Microsoft to
understand an additional feature in Outlook.com
which allows users to
create email aliases, which may affect our tasking
processes."
The NSA has devoted substantial efforts in the last two years
to work
with Microsoft to ensure increased access to Skype, which has an
estimated 663 million global users.
One document boasts that Prism
monitoring of Skype video production has
roughly tripled since a new
capability was added on 14 July 2012. "The
audio portions of these sessions
have been processed correctly all
along, but without the accompanying video.
Now, analysts will have the
complete 'picture'," it says.
Eight
months before being bought by Microsoft, Skype joined the Prism
program in
February 2011.
According to the NSA documents, work had begun on smoothly
integrating
Skype into Prism in November 2010, but it was not until 4
February 2011
that the company was served with a directive to comply signed
by the
attorney general.
The NSA was able to start tasking Skype
communications the following
day, and collection began on 6 February.
"Feedback indicated that a
collected Skype call was very clear and the
metadata looked complete,"
the document stated, praising the co-operation
between NSA teams and the
FBI. "Collaborative teamwork was the key to the
successful addition of
another provider to the Prism system."
ACLU
technology expert Chris Soghoian said the revelations would
surprise many
Skype users. "In the past, Skype made affirmative promises
to users about
their inability to perform wiretaps," he said. "It's hard
to square
Microsoft's secret collaboration with the NSA with its
high-profile efforts
to compete on privacy with Google."
The information the NSA collects from
Prism is routinely shared with
both the FBI and CIA. A 3 August 2012
newsletter describes how the NSA
has recently expanded sharing with the
other two agencies.
The NSA, the entry reveals, has even automated the
sharing of aspects of
Prism, using software that "enables our partners to
see which selectors
[search terms] the National Security Agency has tasked
to Prism".
The document continues: "The FBI and CIA then can request a
copy of
Prism collection of any selector=85" As a result, the author notes:
"these two activities underscore the point that Prism is a team
sport!"
In its statement to the Guardian, Microsoft said:
We have
clear principles which guide the response across our entire
company to
government demands for customer information for both law
enforcement and
national security issues. First, we take our commitments
to our customers
and to compliance with applicable law very seriously,
so we provide customer
data only in response to legal processes.
Second, our compliance team
examines all demands very closely, and we
reject them if we believe they
aren't valid. Third, we only ever comply
with orders about specific accounts
or identifiers, and we would not
respond to the kind of blanket orders
discussed in the press over the
past few weeks, as the volumes documented in
our most recent disclosure
clearly illustrate.
Finally when we
upgrade or update products legal obligations may in some
circumstances
require that we maintain the ability to provide
information in response to a
law enforcement or national security
request. There are aspects of this
debate that we wish we were able to
discuss more freely. That's why we've
argued for additional transparency
that would help everyone understand and
debate these important issues.
In a joint statement, Shawn Turner,
spokesman for the director of
National Intelligence, and Judith Emmel,
spokeswoman for the NSA, said:
The articles describe court-ordered
surveillance and a US company's
efforts to comply with these legally
mandated requirements. The US
operates its programs under a strict oversight
regime, with careful
monitoring by the courts, Congress and the Director of
National
Intelligence. Not all countries have equivalent oversight
requirements
to protect civil liberties and privacy.
They added: "In
practice, US companies put energy, focus and commitment
into consistently
protecting the privacy of their customers around the
world, while meeting
their obligations under the laws of the US and
other countries in which they
operate."
? This article was amended on 11 July 2013 to reflect
information from
Microsoft that it did not make any changes to Skype to
allow Prism
collection on or around July 2012.
(3) Snowden: secret
court rulings used to "legitimize" Gov't
surveillance violating
Constitution
http://www.heraldsun.com.au/technology/news/nsa-whistleblower-edward-snowden-surfaces-to-meet-activists-at-moscows-sheremetyevo-airport/story-fni0bzod-1226678729528
NSA
whistleblower Edward Snowden surfaces to meet activists at Moscow's
Sheremetyevo airport
AP
JULY 13, 2013 6:43AM
http://www.heraldsun.com.au/technology/news/nsa-whistleblower-edward-snowden-surfaces-to-meet-activists-at-moscows-sheremetyevo-airport/story-fni0bzod-1226678729528
EDWARD
Snowden has been seen meeting with human rights activists at
Moscow's
Sheremetyevo international airport.
National Security Agency leaker
Edward Snowden wants asylum in Russia
and is willing to stop sharing
information as a trade-off for such a
deal, according to a parliament member
who was among a dozen activists
and officials to meet with him
Friday.
Mr Snowden appeared nervous, but in apparently good health during
the
meeting behind closed doors in the transit zone of Moscow's Sheremetyevo
airport where he's been marooned for weeks, Duma member Vyacheslav
Nikonov told reporters.
In a statement, Mr Snowden said he had no
regrets about leaking
information about government surveillance but admitted
that it had been
at a person cost to him.
<http://wikileaks.org/Statement-by-Edward-Snowden-to.html>
"The
4th and 5th Amendments to the Constitution of my country, Article
12 of the
Universal Declaration of Human Rights, and numerous statutes
and treaties
forbid such systems of massive, pervasive surveillance," Mr
Snowden said.
"While the US Constitution marks these programs as
illegal, my government
argues that secret court rulings, which the world
is not permitted to see,
somehow legitimize an illegal affair.
"That moral decision to tell the
public about spying that affects all of
us has been costly, but it was the
right thing to do and I have no
regrets," he said.
A photo attributed
to a Human Rights Watch representative who attended
the meeting was posted
on the Guardian and other websites, the first
image to appear of Mr Snowden
since the newspaper broke the story of
widespread US internet surveillance
based on his leaks.
An image posted to Twitter of NSA whistleblower
Edward Snowden meeting
with rights activists in Moscow. Picture: Tanya
Lokshina - Human Rights
Watch
Dmitry Peskov, President Vladimir
Putin's spokesman, told Russian news
agencies after the announcement on
Friday that Russia has not yet
received a new bid for asylum from Mr Snowden
and that Mr Putin would
continue with his insistence that Mr Snowden stop
leaking information.
Both Mr Nikonov and Genri Reznik, a lawyer who
participated in the
meeting, said Mr Snowden was willing to stop leaks.
...
(4) Snowden: NSA monitors China's internet via Cisco
http://www.wantchinatimes.com/news-subclass-cnt.aspx?id=20130618000122&cid=1101
Cisco's
business in China set to suffer from Prism revelations
Staff Reporter
2013-06-18 16:29 (GMT+8)
At a time when nine internet companies are
believed to be involved in
the US National Security Agency's Prism
surveillance, Cisco Systems, one
of the nine and the world's biggest IT
equipment provider in cloud
computing, has been involved in almost all
China's major network
construction projects, the Shenzhen-based Securities
Times reports.
Edward Snowden, a former technical worker at the CIA and
NSA last week
sensationally revealed himself as the whistleblower behind
leaks that
uncovered secret US government surveillance programs. Snowden, an
IT
administrator for the defense contractor Booz Allen Hamilton, said that
the UK intelligence-gathering agency GCHQ may have connections to the
Prism program, which is said to give American agencies easy access to
nine of the world's top internet companies, as well as the phone records
of millions of people.
According to Snowden, nine companies,
including Cisco, Apple, Facebook,
Microsoft and Google, are involved in
spying activities by giving access
to their databanks to the US agencies —
an accusation all nine companies
swiftly denied, the report
said.
However, on June 14, Facebook and Microsoft admitted that the US
government had asked them to provide information on their users, and
they unveiled the partial details in a bid to distance themselves from
the Prism revelations as early as possible.
Meanwhile, Chinese media
has turned the focus to the potential threats
to China's internet security
by these US internet companies, as Snowden
revealed that the NSA monitored
China's internet and computer operations
via Cisco.
Cisco has
reportedly been involved in almost all the construction of
major network
projects in China related to the government, customs, post
offices, finance,
railway, aviation, medical, military and police, as
well as
telecommunication networks. Cisco controls more than 70% of
China's two
biggest internet operators, China Telecom and China Unicom,
which together
account for more than 80% of the country's internet traffic.
Furthermore,
Cisco is the key technology and equipment supplier to the
US government and
its military. Security experts are therefore worried
that in the even of
war, the US government could use Cisco's products
around the world to create
an internet war to deal a major blow to
adversary countries.
Cisco
has overtaken Hewlett-Packard and IBM to become the world's
biggest IT
equipment provider in terms of cloud computing, according to
market
researcher Synergy Research Group.
Cisco raked in income of more than
US$1.6 billion last year in China,
representing 30% of its total profits. It
is expected that the Prism
incident will seriously affect its business in
China, while other
companies such as Microsoft and Apple will also see their
business in
mainland China affected, the report said.
Since last
year, security experts already called for the Chinese
government to
emphasize internet security problems. The Prism incident
is a major warning
and may well prompt Beijing to enact an internet
security act to set clear
rules to regulate purchases by the government,
military and state-run
enterprises.
Such legislation would inevitably benefit domestic suppliers
such as
Huawei and ZTE in cloud computing, data processing, IT consulting
and
information security, the report said. Perhaps a touch ironically, the
two Chinese companies have seen their attempts to expand their business
in the United States hampered by national security concerns from the US
government in precisely the same manner as Cisco may be expected to
experience.
(5) China cyberpries stealing US intellectual
property
http://www.theregister.co.uk/2013/05/23/us_government_report_chinese_ip_theft/
Report:
China IP theft now equal in value to US exports to Asia
Stricter security
testing, sanctions and legal counterhacking needed
By Iain Thomson in San
Francisco
Posted in Security, 23rd May 2013 01:33 GMT
China is
responsible up to 80 per cent of US intellectual property
theft, which a
government report has estimated accounts for $300bn in
lost exports, roughly
the equivalent of the current American trade
balance with
Asia.
"Unless current trends are reversed, there is a risk of stifling
innovation, with adverse consequences for both developed and still
developing countries," the IP Commission report warns. "The American
response to date of hectoring governments and prosecuting individuals
has been utterly inadequate to deal with the problem."
The
commission, headed by the former ambassador to China and Republican
presidential candidate Jon Huntsman, former director of national
intelligence Admiral Dennis Blair, and aided by former Intel boss Craig
Barrett, has spent the last year examining the state of IP theft in the
US, and the results aren't pretty.
An estimated 70 per cent of US
corporate assets are tied up in
"intangible assets" such as intellectual
property, and around 6 per cent
of this is being lost in IP theft every
year, according to the
commission. If China operated at the same level of IP
law as the US, the
result would be an estimated $107bn in additional annual
sales for
American companies and net employment could increase by 2.1
million jobs.
The most immediate problem is that US companies are being
directly
harmed by IP theft. The report cited a recent case where a US firm
had
perfected a miniaturized smartphone component, only to have its designs
(and markets) stolen when Middle Kingdom companies undersold them using
the purloined material.
China was also fingered in a US Senate Armed
Services Committee
investigation that found over 1,800 counterfeit
electronic and
mechanical products that were traced back to over 100 Chinese
firms.
Some factories building these fake goods employ 15,000 people at a
time.
Other countries are also taking part in skinning the US on IP,
according
to the report.
"Russia, India, and other countries
constitute important actors in a
worldwide challenge," it states. "Many
issues are the same: poor legal
environments for IPR, protectionist
industrial policies, and a sense
that IP theft is justified by a playing
field that benefits developed
countries."
This is all leading to the
long-term effect of discouraging research and
development by US companies,
the report suggests. There's little point
in spending vast amounts on
R&D if someone's going to steal the result
and manufacture it
offshore.
Send lawyers, guns, and money
The report makes 21
recommendations, with the initial push being
legislative. Congress needs to
view IP theft as a matter of national
security, the report suggests, and a
foreign company's record on the
issue must be taken into account when
deciding whether to allow foreign
investors to operate in the US and use its
banking and financial services.
Disclosure laws also have to be beefed
up, so that when US companies
suffer theft they have to report it and can be
held accountable. The US
should move away from the policy of trying to
persuade governments to
enforce IP laws and be more willing to use bodies
like the International
Trade Commission to pursue claims.
The report
says increases are needed in the funding and investigative
capabilities of
the FBI and Department of Justice to go after IP
offenders and, somewhat
more controversially, it also recommends US
companies should be freed up to
take measures to fight back against
attackers and retrieve stolen
information.
"Currently, Internet attacks against hackers for purposes of
self-defense are as illegal under U.S. law as the attacks by hackers
themselves," the report states. "If counterattacks against hackers were
legal, there are many techniques that companies could employ that would
cause severe damage to the capability of those conducting IP
theft."
Finally, offending companies must be penalized in cases of proven
theft,
to reduce the financial incentive for crime. This could involve a
tariff
on Chinese imports amounting to 150 per cent of the estimated value
of
IP theft and/or the withholding of an equivalent amount from the World
Health Organization budget.
All this will make uncomfortable reading
for President Obama as he
prepares for his first meeting with the new
Chinese president Xi Jinping
next month. No doubt they will have lots to
talk about on the IP front. ®
(6) Pentagon accuses China over
cyber-espionage
http://www.abc.net.au/news/2013-05-07/an-pentagon-report-accuses-china-of-cyber-espionage/4674056
Updated
May 28, 2013 07:33:57
A Pentagon report says China has engaged in
widespread cyber-espionage
in a bid to extract information about the US
Government's foreign policy
and military plans.
In its 83-page annual
report to Congress on Chinese military
developments, the Pentagon said
China's cyber snooping was a "serious
concern" that pointed to an even
greater threat because the "skills
required for these intrusions are similar
to those necessary to conduct
computer network attacks".
"The US
government continued to be targeted for (cyber) intrusions, some
of which
appear to be attributable directly to the Chinese government
and military,"
it said.
The report says the main purpose of the hacking was to gain
information
to benefit defence industries, military planners and government
leaders.
"China is using its computer network exploitation (CNE)
capability to
support intelligence collection against the US diplomatic,
economic, and
defence industrial base sectors that support US national
defence
programs," it said.
"In 2012, numerous computer systems
around the world, including those
owned by the US government, continued to
be targeted for intrusions,
some of which appear to be attributable directly
to the Chinese
government and military."
The report marked the most
explicit statement yet from the United States
that it believes China's cyber
spying is focused on the US government,
as well as American
corporations.
Although President Barack Obama's administration has
demanded China stop
widespread cyber theft, officials have tended to focus
their public
comments on the hacking of private business networks and not US
government agencies.
The information targeted by the cyber spying
could possibly benefit
China's arms and technology sectors, as well
policymakers interested in
US leaders' thinking on China-related issues, the
report said.
The cyber spying could assist Chinese military planners in
"building a
picture of US network defence networks, logistics, and related
military
capabilities that could be exploited during a crisis," it
said.
US officials have grown alarmed over what they call increasingly
brazen
hacking from China that has penetrated defence contractors including
Lockheed Martin and a host of other organizations and agencies.
The
digital espionage was part of a broader industrial espionage effort
that
seeks to secure military-related US and Western technology,
allowing Beijing
to scale back its reliance on foreign arms manufacturers.
"China
continues to leverage foreign investments, commercial joint
ventures,
academic exchanges, the experience of repatriated Chinese
students and
researchers, and state-sponsored industrial and technical
espionage to
increase the level of technologies and expertise available
to support
military research, development, and acquisition," the report
said.
...
ABC/Wires
(7) Chinese military unit accused of hacking
attacks
http://www.abc.net.au/news/2013-02-20/chinese-military-unit-accused-of-hacking-attacks/4528870
By
Brendan Trembath and wires
Updated February 20, 2013
11:59:52
Computer security company Mandiant says it believes a Chinese
military
unit is responsible for multiple hacking attacks against the United
States.
The US-based company has released a report that identifies 'Unit
61398'
as the most likely source of attacks on at least 141 organisations,
"across a diverse set of industries beginning as early as 2006".
"The
nature of 'Unit 61398's' work is considered by China to be a state
secret;
however, we believe it engages in harmful 'Computer Network
Operations',"
Mandiant said in the report.
"It is time to acknowledge the threat is
originating in China, and we
wanted to do our part to arm and prepare
security professionals to
combat that threat effectively."
The report
says Unit 61398 is located in Shanghai's Pudong district,
China's financial
and banking hub, and staffed by perhaps thousands of
people proficient in
English as well as computer programming and network
operations.
The
unit had stolen "hundreds of terabytes of data".
Clients including The
New York Times have hired Mandiant to clean up
their systems after
cyberattacks.
The New York Times said hackers stole its corporate
passwords and
accessed the personal computers of 53 employees after the
newspaper
published a report on the family fortune of China's premier Wen
Jiabao.
Most of the hacking victims are located in the United States,
with
smaller numbers in Canada and Britain.
The information stolen
ranged from details on mergers and acquisitions
to the emails of senior
employees, Mandiant said.
The 12-storey building that reportedly houses
the unit sits in an
unassuming residential area and is surrounded by a wall
adorned with
military propaganda photos and slogans. ...
(8) Pentagon
chief Chuck Hagel accuses China of cyberattacks
http://www.theaustralian.com.au/news/world/pentagon-chief-chuck-hagel-accuses-china-of-cyberattacks/story-e6frg6so-1226654977891
AFP
June 01, 2013 3:41PM
US Defence Secretary Chuck Hagel has accused Beijing
of involvement in
cyber espionage in a speech at a Singapore security forum
attended by
Chinese military officials.
Stepping up US pressure on
China over electronic espionage ahead of a
summit between their leaders next
week, Hagel pointedly blamed the
Chinese government and military for
repeated intrusions into sensitive
US information systems.
"The
United States has expressed our concerns about the growing threat
of cyber
intrusions, some of which appear to be tied to the Chinese
government and
military," Hagel said in prepared remarks delivered at an
annual Singapore
conference known as the Shangri-La Dialogue.
"As the world's two largest
economies, the US and China have many areas
of common interest and concern,
and the establishment of a cyber working
group is a positive step in
fostering US-China dialogue on cyber," the
Pentagon chief said.
"We
are determined to work more vigorously with China and other partners
to
establish international norms of responsible behaviour in
cyberspace."
Hagel's speech came at the end of a week in which China was
forced to
deny claims that it mounted a cyber attack to steal the plans for
ASIO's
Canberra headquarters.
US President Barack Obama and his
Chinese counterpart Xi Jinping will
meet in California on June 7-8, the two
leaders' first meeting since Xi
took office in March.
China's
delegation to the Singapore meeting was led by Lieutenant
General Qi
Jianguo, a deputy chief of the general staff of the People's
Liberation
Army.
Hagel's remarks came just days after China's defence ministry
dismissed
a Pentagon report released in May accusing Chinese hackers of
accessing
US weapons designs. ...
The Pentagon report released in
early May said China has engaged in
widespread cyber espionage in a bid to
extract information about the US
government's foreign policy and military
plans.
China kept up a steady campaign of hacking in 2012 that included
attempts to target US government computer networks, which could provide
Beijing a better insight into America's policy deliberations and
military capabilities, it said.
"China is using its computer network
exploitation (CNE) capability to
support intelligence collection against the
US diplomatic, economic, and
defense industrial base sectors that support US
national defense
programs,'' said the report.
(9) US weapon plans
compromised by China: report
http://articles.washingtonpost.com/2013-05-27/world/39554997_1_u-s-missile-defenses-weapons-combat-aircraft
Ellen
Nakashima
Washington Post
May 28, 2013
Washington: Designs
for many of the US's most sensitive advanced weapons
systems have been
compromised by Chinese hackers, according to a report
prepared for the
Pentagon and to officials from government and the
defence
industry.
Among more than two dozen major weapons systems whose designs
were
breached were programs critical to US missile defences and combat
aircraft and ships, according to a previously undisclosed section of a
confidential report prepared by the Defence Science Board for Pentagon
leaders.
Experts warn that the electronic intrusions gave China
access to
advanced technology that could accelerate the development of its
weapons
systems and weaken the US military advantage in a future
conflict.
The Defence Science Board, a senior advisory group composed of
government and civilian experts, did not accuse the Chinese of stealing
the designs. But senior military and industry officials with knowledge
of the breaches said the vast majority were part of a widening Chinese
campaign of espionage against US defence contractors and government
agencies.
The significance and extent of the targets help explain why
the Obama
administration has escalated its warnings to the Chinese
government to
stop what Washington sees as rampant cyber theft.
In
March, the advisory panel warned in the public version of its report
that
the Pentagon is unprepared to counter a full-scale cyber conflict.
The list
of compromised weapons designs is contained in a confidential
version, and
it was provided to The Washington Post.
Some of the weapons form the
backbone of the Pentagon's regional missile
defence for Asia, Europe and the
Persian Gulf. The designs included
those for the advanced Patriot missile
system, known as PAC-3; an Army
system for shooting down ballistic missiles,
known as the Terminal High
Altitude Area Defence, or THAAD; and the Navy's
Aegis ballistic missile
defence system.
Also identified in the report
are vital combat aircraft and ships,
including the F/A-18 fighter jet, the
V-22 Osprey, the Black Hawk
helicopter and the Navy's new Littoral Combat
Ship, which is designed to
patrol waters close to shore.
Also on the
list is the most expensive weapons system ever built – the
F-35 Joint Strike
Fighter, which is on track to cost about $US1.4
trillion ($1.45 trillion).
The 2007 hack of that project was reported
previously.
China, which
is pursuing a long-term, comprehensive strategy to
modernise its military,
is investing in ways to overcome the US military
advantage – and cyber
espionage is seen as a key tool in that effort,
the Pentagon noted this
month in a report to Congress on China. For the
first time, the Pentagon
specifically named the Chinese government and
military as the culprit behind
intrusions into government and other
computer systems.
As the threat
from Chinese cyber espionage has grown, the administration
has become more
public with its concerns. In a speech in March, Thomas
Donilon, the national
security adviser to President Barack Obama, urged
China to control its cyber
activity. In its public criticism, the
administration has avoided
identifying the specific targets of hacking.
But US officials said
several examples were raised privately with senior
Chinese government
representatives in a four-hour meeting a year ago.
The officials, who spoke
on the condition of anonymity to describe a
closed meeting, said senior US
defence and diplomatic officials
presented the Chinese with case studies
detailing the evidence of major
intrusions into US companies, including
defence contractors.
In addition, a recent classified National
Intelligence Estimate on
economic cyber espionage concluded that China was
by far the most active
country in stealing intellectual property from US
companies.
The Chinese government insists that it does not conduct cyber
espionage
on US agencies or companies, and government spokesmen often
complain
that Beijing is a victim of US cyber attacks.
Mr Obama is
expected to raise the issue when he meets with Chinese
President Xi Jinping
next month in California. ...
(10) Snowden affair blunts U.S. push for
China to curb cyber theft
http://www.reuters.com/article/2013/07/09/us-usa-china-cyber-idUSBRE96713220130709
Mon,
Jul 8 2013
By Paul Eckert
WASHINGTON | Tue Jul 9, 2013 6:35am
EDT
WASHINGTON (Reuters) - Revelations by former U.S. spy agency
contractor
Edward Snowden will make it harder for the United States to
confront
China at talks this week over the alleged cyber theft of trade
secrets
worth hundreds of billions of dollars a year.
Snowden's
disclosures of American electronic surveillance around the
world give China
an argument to counter U.S. complaints that it steals
private intellectual
property (IP) from U.S. companies and research centers.
Cyber security is
at the center of high-level talks between the two
countries in Washington
that will show whether a positive tone struck by
President Barack Obama and
new Chinese President Xi Jinping at a summit
last month can translate into
cooperation on difficult issues.
Top U.S. officials, from Obama down,
have long tried to convince China
to recognize a clear line between the kind
of cyber espionage by spy
agencies revealed by Snowden and the theft of
technology.
"This Snowden thing has muddied the waters in a terrible
way," said
James McGregor, author of a book on China's authoritarian
capitalism and
industrial policy.
"China would rather have the waters
muddy, because they can say 'You do
it. We do it. What's the big deal?' and
the cyber theft from companies
will go on and on," he said by telephone from
China, where he is senior
counselor for APCO Worldwide, a U.S. business
consultancy.
At the talks, U.S. officials will press China on cyber
theft, Treasury
Secretary Jack Lew said last week, describing the problem as
"just
different from other kinds of issues in the cyber area.
Many
countries spy on each other, but U.S. officials say China is unique
in the
amount of state-sponsored IP theft it carries out as it tries to
catch up
with the United States in economic power and technological prowess.
Last
week the U.S. Department of Justice charged Chinese wind turbine
maker
Sinovel Wind Group Co and two of its employees with stealing
software source
code from U.S.-based AMSC worth $800 million.
The U.S. Chamber of
Commerce hopes "to see a clear indication that China
recognizes thefts of
trade secrets, whether by cyber or other means, is
stealing property and
will bring the full force of its laws to curb
this," said Jeremie Waterman,
the group's senior director for Greater China.
Beijing parries complaints
about Chinese hacking into the computers of
U.S. businesses by saying China
is itself a major victim of cyber
espionage. Chinese officials have
dismissed as unconvincing recent U.S.
official and private-sector reports
attributing large-scale hacking of
American networks to
China.
China's official Xinhua news agency said last month the Snowden
case
showed the United States was "the biggest villain in our age" and a
hypocrite for complaining about Chinese cyber attacks.
On Tuesday,
the Communist Party's People's Daily attacked the United
States for a
hypocritical internet policy of defending hacking in the
name of national
security when it suited Washington's purposes.
"Differentiating hacking
attacks as 'good' and 'bad' is a double
standard when it comes to internet
security," the newspaper's overseas
edition said in a front page
comment.
China's stance seems to be stiffened by Snowden's revelations of
widespread surveillance by the National Security Agency and his
assertion that the agency hacked into critical network infrastructure at
universities in China and Hong Kong.
Snowden fled to Hong Kong before
his leaks to newspapers became public
last month, and then went to Moscow,
where he is believed to be holed up
in the transit area of the Sheremetyevo
airport, trying to find a
country to give him sanctuary.
'OUT OF
BOUNDS' SPYING
Now in their fifth year, the annual U.S.-Chinese talks,
known as the
Strategic and Economic Dialogue, will cover topics from U.S.
concerns
about North Korea's nuclear weapons and expanding military ties to
climate change and access to Chinese financial markets.
China's
exchange-rate policy is on the agenda, although it has receded
as an issue
with the gradual strengthening of the yuan and a reduction
of huge current
account imbalances.
This year U.S. Secretary of State John Kerry and Lew
host Chinese State
Councilor Yang Jiechi and Vice Premier Wang Yang for the
first such
dialogue session since China's once-a-decade leadership change in
March,
when Xi took over.
The meetings follow Obama's summit last
month with Xi in California,
where the two men developed what aides called a
productive relationship.
Nevertheless, Obama demanded Chinese action to halt
what he called "out
of bounds" cyber spying.
Officials from the two
countries discussed international law and
practices in cyberspace at
low-level talks on Monday. Cyber security
will feature at other meetings
during the week that are also likely to
address U.S. accusations that
Beijing gained access electronically to
Pentagon weapons designs.
IP
theft costs U.S. businesses $320 billion a year, a sum equivalent to
annual
U.S. exports to Asia, the authors of a recent report say.
China accounts
for between 50 percent and 80 percent of IP theft
suffered by U.S. firms,
the Commission on the Theft of American
Intellectual Property, a bipartisan
group of former U.S. officials, said
in a May report.
Cyber theft of
industrial designs, business strategies and trade secrets
is just a part of
IP pilfering.
IP theft also involves "planted employees, bribed
employees, employees
who were appealed to on the basis of nationalism and
all the traditional
means of espionage, often accompanied by cyber," said
Richard Ellings,
president of the National Bureau of Asian Research think
tank, who
co-wrote the report.
The U.S. District Court in Manhattan
charged three New York University
researchers in May with conspiring to take
bribes from Chinese medical
and research outfits for details about NYU
research into magnetic
resonance imaging technology.
Arrests by U.S.
Immigration and Customs Enforcement and the Homeland
Security Department for
IP infringements rose 159 percent and
indictments increased 264 percent from
2009 to 2013, a June report by
the U.S. Intellectual Property Enforcement
Coordinator showed.
The Commission on the Theft of American Intellectual
Property called for
tough penalties including banking sanctions, bans on
imports and
blacklisting in U.S. financial markets.
(Additional
reporting by Ben Blanchard in BEIJING; Editing by Alistair
Bell, Xavier
Briand and Clarence Fernandez)
(11) US attempts to block Chinese
Cyberspies
http://online.wsj.com/article/SB10001424127887324694904578600041603746114.html
Updated
July 12, 2013, 12:57 a.m. ET
U.S., Firms Draw a Bead on Chinese
Cyberspies
BY DANNY YADRON AND SIOBHAN GORMAN
The U.S. government
gave American Internet providers addresses linked to
suspected Chinese
hackers earlier this year as part of a previously
undisclosed effort aimed
at blocking cyberspying, current and former
U.S. officials said.
The
push reflects a significant shift in levels of cooperation between
the
government and Internet companies amid rising concerns over hacking.
It also
marks a bold move by the U.S. as it takes part in high-level
meetings on
cybersecurity and other matters with the Chinese this week
in Washington.
Each side accuses the other of cyberespionage. ...
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.