The Economist - USA (2021-11-13)

The Economist November 13th 2021 47

China

State-sponsoredhacking

The spectral game

E

arlier thisyear Microsoft found that a

group  of  hackers,  which  it  called  Haf­

nium,  had  broken  into  hundreds  of  thou­

sands  of  computer  servers  around  the

world  that  were  running  the  firm’s  mail

and  calendar  software.  The  cyber­thieves

were stealing emails, documents and other

data from small businesses, ngos and local

governments  in  an  enormous,  seemingly

indiscriminate, cyber­attack. In July Amer­

ica,  Britain,  other  members  of  natoand

the  European  Union  all  blamed  China.

America was more specific. It named Chi­

na’s  civilian  intelligence  agency,  the  Min­

istry of State Security (mss).

Such  co­ordinated  condemnation  of

the  Chinese  government  for  allegedly

hacking  into  foreign  computer  systems

was unprecedented. But it was no surprise

in  the  West  that  China  appeared  to  be  re­

sponsible  (as  always  in  such  cases,  it  de­

nied involvement). 

In  2015,  standing  next  to  Xi  Jinping  at

the  White  House,  Barack  Obama  said  the

two  presidents  had  agreed  that  neither

country would “conduct or knowingly sup­

port  cyber­enabled  theft  of  intellectual

property” for commercial gain. But cyber­

experts  say  China  remains  hard  at  it.  In

September  attacks  allegedly  mounted  by

the  Chinese  government  included  ones

against  Indian  media  firms,  Microsoft’s

Windows operating system and Roshan, a

telecoms network in Afghanistan. 

Spy agencies everywhere hack into oth­

er countries’ computer systems. What irks

Western  governments  is  that  China  also

steals commercial secrets to pass on to its

companies,  whereas  there  is  no  evidence

that the West’s spies collude with business

like  this.  Since  Mr  Xi  took  power  in  2012,

China’s hacking capabilities have grown. 

The  Chinese  army’s  signals­intelli­

gence wing, the Third Department, used to

be  in  charge  of  such  work.  It  attacked

everyone from American military contrac­

tors  to  Google.  In  2014  America’s  Depart­

ment of Justice formally accused five Chi­

nese citizens from the Third Department’s

Unit 61398 of “computer hacking, econom­

ic  espionage  and  other  offences”  against

American  companies  involved  in  nuclear

and  solar  power  as  well  as  metal  produc­

tion. (Those charged were believed to be in

China and have not appeared in court.) By

then, however, control over hacking activ­

ities was being transferred to the mss. The

army  is  still  hacking,  but  its  targets  are

now mainly government ones.

The msswas first publicly linked to the

hacking  of  foreign  companies  in  2017.  Its

involvement  was  exposed  by  an  anony­

mous  blog  called  Intrusion  Truth,  which

monitors such attacks. Several cyber­secu­

rity firms endorsed its analysis. Later that

year  the  American  government  charged

three  alleged  msshackers  in  absentia  for

attacks  on  foreign  firms.  Two  of  the  ac­

cused had been identified by the blog.

Attributing  cyber­attacks  to  China,  let

alone  to  specific  government  agencies,  is

tricky.  Benjamin  Read  of  Mandiant,  an

American  firm  that  tries  to  keep  tabs  on

who is hacking what, explains that he and

his  colleagues  gather  and  analyse  telltale

tracks, such as the addresses of computers

used to launch attacks. A single hacking in­

cident  usually  does  not  leave  enough  in­

formation to identify the culprit: attackers

can  give  their  computers  a  false  address.

But that can be laborious, since, whenever

they  use  a  new  address,  the  hackers  must

Despite pledging not to, China still uses hackers to steal business secrets

→Alsointhissection

48 HongKong’sjaileddissidents

50 Chaguan: Why aim for zero covid?