Economic warfare, 21st century style

A little-known cyber-security firm called Mandiant dropped a bombshell last week. The Washington, D.C.

A little-known cyber-security firm called Mandiant dropped a bombshell last week. The Washington, D.C.-based outfit released a report that made a very convincing case that Chinese government agencies are behind a vast range of highly sophisticated electronic attacks on Western companies and governments.

Their report was highly detailed, including video capture of real cyber attacks from Shanghai and an appendix documenting thousands of examples from the Chinese “malware arsenal.”

Many of the attacks are aimed at Western companies, especially those in industries China has identified as strategic, rather than more traditional targets like defence ministries and spy agencies.

Economists seldom make it into James Bond films, despite Ian Fleming’s own espionage work taking place in a sister organization to Britain’s Ministry of Economic Warfare. Undercover economists schemed to debase the German currency, freeze enemy assets and cut off Nazi access to strategic metals like tungsten and chromium. Wassily Leontief even pioneered input-output analysis, a bane of many undergraduate economics courses, to figure out which German factories to bomb.

More recently, economic warfare has been a key part of our fight against terrorism and drug cartels. Most people would be surprised to learn how much effort around the world goes into tracking and disrupting the channels that al-Qaida and other malefactors use to finance their activities.

Mandiant’s report focuses on the activities of one cluster of hackers, which in cyber-security jargon it calls Advanced Persistent Threat 1 (APT1). The report is based on tracking APT1 attacks on 141 corporate and government victims over the last seven years. Some details from the report: 87 per cent were headquartered in English-speaking countries, industries targeted included four of the seven strategic industries in China’s Five Year Plan, and 937 Command and Control servers are controlled in 13 countries controlling thousands of domain names.

Ninety-seven per cent of the time Mandiant was able to track the hackers activating their attack systems: their IP addresses were in Shanghai and their computers’ language settings were “Simplified Chinese.” Mandiant has identified the group as People Liberation Army Unit 61398 in Shanghai and even has the address and the China Telecom form ordering the installation of high-capacity fibre-optic cables for “national defence” purposes.

The Chinese government vehemently denies it is involved in hacking. After claims emerged that Chinese hackers had downloaded huge amounts of Nortel secrets before the bankruptcy of that iconic Canadian high-tech firm, its embassy told the CBC that “cyber attacks are transnational and anonymous. It is irresponsible to prejudge the origin of attacks without thorough investigation and hard evidence.”

The official Chinese line is hard to reconcile with the detailed evidence accumulated by Mandiant and others.

China’s new capabilities upset other nations in three ways: their economic nature, their scale and their threat.

Nations have always spied on each other, including the U.S./U.K./Canada/Australia partnership that has been so successful in the signals-intelligence and code-breaking world. And corporate executives from aerospace and defence companies have always been well advised to keep a close eye on their briefcases during foreign visits, including to nominally allied countries.

But the Mandiant report describes an organization that goes far beyond pilfering an executive’s email during a bidding process. Instead, we have a large organization with hundreds and perhaps thousands of employees dedicated to deeply penetrating Western companies and downloading their fundamental business plans, blueprints and technologies. And the focused nature of the attacks suggest industry specialists are guiding the hackers, ensuring that the terabytes of data can be analyzed and exploited once stolen.

Mandiant doesn’t mention names, but other media reports suggest Chinese hackers had almost unfettered access to Nortel’s most sensitive computer files for years. These files would have been of enormous value to Chinese telecommunications equipment manufacturers.

Then there is the massive scale of the operation. According to Mandiant, early 2011 saw APT1 penetrate 17 new victims in 10 different industries.

APT1 targets include 115 victims in the U.S., two in Canada and 24 others. Industries included technology, media, transportation, banking, law firms and more recently metals and mining companies.

You may recall media reports in Canada in 2010 about a massive cyber attack on Canadian law firms, government ministries and other firms involved in the potential takeover of Potash Corp. of Saskatchewan. China is one of the biggest importers in the potash business and there were unconfirmed suggestions by industry players at the time that China hoped to scuttle the deal.

Then there is the threat. Besides stealing commercially valuable technologies, the hackers can also potentially shut down critical corporate networks. President Obama stressed the problem dramatically in his State of the Union address: “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air-traffic control systems. We cannot look back years from now and wonder why we did nothing.”

The new Chinese capabilities break the established international ground rules. The Chinese would likely retort, if they ever commented publicly, that these ground rules were written by the West and that China will do whatever it thinks is in its interest.

Undoubtedly it will.

Economics teaches us that trade with China should be mutually beneficial. But Machiavellian business practices can seriously harm Canadian companies and workers. We should consider ourselves warned, and our corporations and governments need to significantly step up their cyber defences.

This is an issue that will be with us in a big way for a long time. Which brings up another fact about Mandiant that emerged last week, and which will be of significant interest to young people thinking about careers: Mandiant cyber-security consultants charge $450 or more per hour, and are in high demand.

Keith Halliday is a Yukon economist and author of the MacBride Museum’s Aurore of the Yukon series of historical children’s adventure novels.

Just Posted

A new leash on life: Injured Whitehorse pup settles into new home

‘I think now he’s less of a perfect dog but he’s more himself’

Yukon well represented in Olympic ski relays

‘It’s always rewarding when you’re racing for a team’

Yukon government launches new website and logo

Opposition slams $500K project cost as a waste

Former Whitehorse gas station employee sues over alleged sexual harassment, assault

Susan Lynn Keleher alleges there was a ‘campaign’ of sexual harassment and assault against her

Tagish dog rescue owner says she’s euthanized 10 dogs

Shelley Cuthbert said she put down 10 dogs after surrendering them to the animal health unit Feb. 15

No Resource Gateway construction work this season, YG says

‘We’re not as advanced as we would have liked to have been but we still are advancing’

Former Whitehorse RCMP officer gets conditional discharge for sexual assault

Judge Richard Scheider sided with the defence’s argument that conditional discharge was appropriate

Tagish dog rescue owner asks court to change dog surrender order

Shelley Cuthbert is asking for changes to an order requiring her to surrender 10 dogs per month

Dangerous offender hearing underway for former Yukon man who sexually abused 13 girls

The man pleaded guilty to sexually abusing 13 girls over seven years in the Yukon, B.C. and Ontario

Team Yukon has strong showing at Whistler Super Youth and Timber Tour

‘Anwyn absolutely destroyed the competition’

Yukon skier turns in personal best at Junior World Championships

‘It was another great international racing experience’

Most Canadians believe journalism plays critical role in democracy: poll

Survey suggests 94 per cent of Canadians feel journalism plays ‘important’ part

Yukon child care deal to fund grandparents, courses for caregivers

‘How this is completely going to look, we’re still working on’

Most Read