Economic warfare, 21st century style

A little-known cyber-security firm called Mandiant dropped a bombshell last week. The Washington, D.C.

A little-known cyber-security firm called Mandiant dropped a bombshell last week. The Washington, D.C.-based outfit released a report that made a very convincing case that Chinese government agencies are behind a vast range of highly sophisticated electronic attacks on Western companies and governments.

Their report was highly detailed, including video capture of real cyber attacks from Shanghai and an appendix documenting thousands of examples from the Chinese “malware arsenal.”

Many of the attacks are aimed at Western companies, especially those in industries China has identified as strategic, rather than more traditional targets like defence ministries and spy agencies.

Economists seldom make it into James Bond films, despite Ian Fleming’s own espionage work taking place in a sister organization to Britain’s Ministry of Economic Warfare. Undercover economists schemed to debase the German currency, freeze enemy assets and cut off Nazi access to strategic metals like tungsten and chromium. Wassily Leontief even pioneered input-output analysis, a bane of many undergraduate economics courses, to figure out which German factories to bomb.

More recently, economic warfare has been a key part of our fight against terrorism and drug cartels. Most people would be surprised to learn how much effort around the world goes into tracking and disrupting the channels that al-Qaida and other malefactors use to finance their activities.

Mandiant’s report focuses on the activities of one cluster of hackers, which in cyber-security jargon it calls Advanced Persistent Threat 1 (APT1). The report is based on tracking APT1 attacks on 141 corporate and government victims over the last seven years. Some details from the report: 87 per cent were headquartered in English-speaking countries, industries targeted included four of the seven strategic industries in China’s Five Year Plan, and 937 Command and Control servers are controlled in 13 countries controlling thousands of domain names.

Ninety-seven per cent of the time Mandiant was able to track the hackers activating their attack systems: their IP addresses were in Shanghai and their computers’ language settings were “Simplified Chinese.” Mandiant has identified the group as People Liberation Army Unit 61398 in Shanghai and even has the address and the China Telecom form ordering the installation of high-capacity fibre-optic cables for “national defence” purposes.

The Chinese government vehemently denies it is involved in hacking. After claims emerged that Chinese hackers had downloaded huge amounts of Nortel secrets before the bankruptcy of that iconic Canadian high-tech firm, its embassy told the CBC that “cyber attacks are transnational and anonymous. It is irresponsible to prejudge the origin of attacks without thorough investigation and hard evidence.”

The official Chinese line is hard to reconcile with the detailed evidence accumulated by Mandiant and others.

China’s new capabilities upset other nations in three ways: their economic nature, their scale and their threat.

Nations have always spied on each other, including the U.S./U.K./Canada/Australia partnership that has been so successful in the signals-intelligence and code-breaking world. And corporate executives from aerospace and defence companies have always been well advised to keep a close eye on their briefcases during foreign visits, including to nominally allied countries.

But the Mandiant report describes an organization that goes far beyond pilfering an executive’s email during a bidding process. Instead, we have a large organization with hundreds and perhaps thousands of employees dedicated to deeply penetrating Western companies and downloading their fundamental business plans, blueprints and technologies. And the focused nature of the attacks suggest industry specialists are guiding the hackers, ensuring that the terabytes of data can be analyzed and exploited once stolen.

Mandiant doesn’t mention names, but other media reports suggest Chinese hackers had almost unfettered access to Nortel’s most sensitive computer files for years. These files would have been of enormous value to Chinese telecommunications equipment manufacturers.

Then there is the massive scale of the operation. According to Mandiant, early 2011 saw APT1 penetrate 17 new victims in 10 different industries.

APT1 targets include 115 victims in the U.S., two in Canada and 24 others. Industries included technology, media, transportation, banking, law firms and more recently metals and mining companies.

You may recall media reports in Canada in 2010 about a massive cyber attack on Canadian law firms, government ministries and other firms involved in the potential takeover of Potash Corp. of Saskatchewan. China is one of the biggest importers in the potash business and there were unconfirmed suggestions by industry players at the time that China hoped to scuttle the deal.

Then there is the threat. Besides stealing commercially valuable technologies, the hackers can also potentially shut down critical corporate networks. President Obama stressed the problem dramatically in his State of the Union address: “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air-traffic control systems. We cannot look back years from now and wonder why we did nothing.”

The new Chinese capabilities break the established international ground rules. The Chinese would likely retort, if they ever commented publicly, that these ground rules were written by the West and that China will do whatever it thinks is in its interest.

Undoubtedly it will.

Economics teaches us that trade with China should be mutually beneficial. But Machiavellian business practices can seriously harm Canadian companies and workers. We should consider ourselves warned, and our corporations and governments need to significantly step up their cyber defences.

This is an issue that will be with us in a big way for a long time. Which brings up another fact about Mandiant that emerged last week, and which will be of significant interest to young people thinking about careers: Mandiant cyber-security consultants charge $450 or more per hour, and are in high demand.

Keith Halliday is a Yukon economist and author of the MacBride Museum’s Aurore of the Yukon series of historical children’s adventure novels.

Just Posted

Whitehorse musicians offer film scores online

‘People know when they come to the site that there is a certain aesthetic and level of quality’

Yukon government won’t release municipal carbon tax rebate details until May

Details of potential rebates for municipalities to be announced in May

They’ve got a guy: Yukon government signs first pot supplier deal

A B.C.-based company will provide up to 350 kg of cannabis flower and oil

Yukon Parks tightens rules to crack down on campsite squatters

Campers were previously allowed to leave occupied campsites unattended for up to 72 hours

Black Press Media acquires two new Alaska newspapers

New Media Investment Group to acquire the Akron (OH) Beacon Journal while Black Press Media takes on daily newspapers in Juneau and Kenai Alaska

Gold Rush star Tony Beets appeals pond fire fines

Beets and his company, Tamarack Inc., were fined $31k for violating portions of the Waters Act

Defence lawyer asks Crown appeal of Kolasch acquittal be dismissed

In factum, Harry Kolasch’s lawyer says it’s clear that police officer used excessive force

Yukon Liberals raise $20,000 at Vancouver hockey game

Silver says no public money spent on trip, party refuses to say who bought tickets

Inspector, CYFN lawyer talk about WCC inspection at justice conference

David Loukidelis and Jennie Cunningham spoke about the Whitehorse Correctional Centre

An early view on how the carbon tax will affect the Yukon economy

If you only remember two numbers from the recently released federal-territorial study… Continue reading

‘New way of thinking’ about infrastructure funding asks First Nations and municipalities to chip in

Some of YG’s 25 per cent share of infrastructure cash may come from municipalities or First Nations

Nadia Moser named to senior national team

Whitehorse’s Nadia Moser was officially named to the senior national team by… Continue reading

Most Read