China appears able to operate inside U.S. networks for months

Featured eBooks
CDM
Read Now

Future-Ready Workforce

Read Now

Health Tech

Read Now
Insights & Reports
Redefining Mission Security
Presented By Babel Street
Download Now
Defending government cloud against advancing threats
Presented By CrowdStrike
Download Now
Bob Brewin By Bob Brewin,
Editor at Large

By Bob Brewin

|

Report says hackers are likely to use stolen credentials to infiltrate databases.

China could use mature technologies to exploit computer networks for intelligence collection against U.S. government and industry networks, operating inside targeted networks for months, according to a U.S.-China Economic and Security Review Commission report to Congress.

The report, released on Oct. 16, did not directly point to Chinese government involvement in attacks on U.S. networks, but it did say the Peoples Liberation Army is training and equipping its force to use a variety of information warfare tools to gather intelligence and to establish information dominance over its adversaries during a conflict.

The report said Chinese hackers and programmers who support illegal activities have penetrated U.S. networks, though there are no explicit ties between the government and the hackers.

"The PLA is reaching out across a wide swath of Chinese civilian sector to meet the intensive personnel requirements necessary to support its burgeoning [information warfare] capabilities, incorporating people with specialized skills from commercial industry, academia and possibly select elements of China's hacker community," the report said.

"Little evidence exists in open sources to establish firm ties between the PLA and China's hacker community," the study noted. "However, research did uncover limited cases of apparent collaboration between more elite individual hackers and the [Peoples Republic of China's] civilian security services. The caveat to this is that amplifying details are extremely limited and these relationships are difficult to corroborate."

The report said China appears to have developed the capability to identify specific users in a targeted network to aid exploitation. This enables Chinese hackers to use stolen credentials to review file directories and potentially target specific documents for extraction or alteration, depending on the purpose of the attack.

Chinese hackers also could have the ability to infiltrate unclassified Defense Department networks and upload false files or alter existing records, forcing U.S. network operators to expend a lot of labor and time to scrub databases to make sure they have not been compromised, the report said.

China would likely combine a cyberattack with communications systems jamming and other forms of electronic warfare, and might prefer this kind of soft attack against an adversary to traditional warfare, the report said.

NEXT STORY: HHS Seeks Input on Information Network