Spy agencies to detail foreign cyber-attacks

WASHINGTON — The U.S. intelligence community is nearing completion of its first detailed review of cyber-spying against American targets from abroad, including an attempt to calculate U.S. financial losses from hacker attacks based in China, officials said.

The National Intelligence Estimate, the first involving cyber-espionage, also will seek to determine how large a role the Chinese government plays in directing or coordinating digital attacks aimed at stealing U.S. intellectual property, according to officials.

The Pentagon requested the estimate more than a year ago, and it sparked a broad review of evidence and analysis from the 17 U.S. intelligence agencies. The document has been submitted to the National Intelligence Council, which coordinates such efforts, but it was unclear whether the council had reached or approved final conclusions. The study is expected to be given to policymakers early next year.

U.S. intelligence agencies monitor daily digital assaults from hackers based in China who seek to steal intellectual property from American and other Western companies, current and former intelligence officials said. Intelligence analysts disagree over the extent to which the intrusions are organized by Chinese authorities, but the CIA and National Security Agency have traced cyber-attacks and thefts to Chinese military and intelligence agencies.

“We know much more about who is doing this than we did even two years ago,” one official involved in the effort said. “We have traced attacks back to a desk in a (People’s Liberation Army) office building.”

Some analysts believe the Chinese government has a broad policy of encouraging theft of intellectual property through cyber-attacks, but that it leaves the details to intelligence services, state-owned companies and freelancers. As a result, at least some of the attacks appear poorly orchestrated.

U.S. officials have raised concerns about cyber-espionage with Chinese officials. Beijing has denied any involvement.

Obama administration officials have publicly warned in recent months about threats to national security from cyber-attacks, but they have tiptoed around the issue of who is to blame. “It’s no secret that Russia and China have advanced cyber-capabilities,” Defense Secretary Leon Panetta said in a speech on Oct. 11 in New York.

Russia engages in cyber-espionage against government targets, as does China, the United States, Israel, France and other nations. But Russia does not systematically steal corporate secrets from U.S. companies to aid its own national companies, U.S. intelligence officials say.

Last week, the congressionally sponsored U.S.-China Economic and Security Review Commission alleged that China has “an elaborate strategy for obtaining America’s advanced technology by subterfuge, either stealing it outright or by requiring U.S. companies to turn over technology to Chinese business partners as a condition for investment and market access in China.”

Part of that strategy relies on computer attacks, the commission said.

“In 2012, Chinese state-sponsored actors continued to exploit U.S. government, military, industrial and nongovernmental computer systems,” the report said. “The volume of exploitation attempts yielded enough successful breaches to make China the most threatening actor in cyberspace.”

Losses from the theft of U.S. intellectual property through cyber-attacks and theft are difficult to quantify but are believed to be in the billions of dollars a year.

In one recent case, Brian Milburn, who runs Solid Oak Software Inc. in Santa Barbara, Calif., sued the Chinese government and nine companies for $2.2 billion in January 2010 in federal court in Santa Ana, Calif., alleging that his Cybersitter child-monitoring software had been pirated and illegally sold to 57 million users in China. The lawsuit was settled for an undisclosed amount in April, though the Chinese government did not participate in the settlement.

As the lawsuit unfolded, Milburn was targeted for harassment by Chinese hackers thought to have been tracked by U.S. intelligence, according to his Los Angeles lawyer, Gregory Fayer. He said the hackers blocked orders on the Cybersitter website, costing Milburn tens of thousands of dollars in lost sales.

“The guys they put on us were the virtual Chinese A-Team of hackers,” Milburn said Thursday. “They were the most patient people I’ve ever seen. They basically used the same techniques against me that they would use for cyber-espionage.”

More in Local News

Man arrested after police find van full of drugs, cash and guns

An officer on patrol noticed a vehicle by itself in the middle of a WinCo parking lot at 2 a.m.

Jim Mathis, the Vietnam veteran whose Marysville garden was recently featured in The Herald, died Wednesday. Mathis, who suffered from PTSD and cancer, found solace in his beautiful garden. (Dan Bates / The Herald)
Vietnam veteran Jim Mathis found peace in his garden

The Marysville man who served two tours died Wednesday after suffering from cancer and PTSD.

Smith Island habitat restoration cost to rise $1.2 million

The project is intended to increase survival rates for juvenile chinook salmon.

Add deputies and bump taxes a bit, executive proposes

Dave Somers’ Snohomish County budget proposal also would address traffic problems in neighborhoods.

County councilman proposes banning safe injection sites

Nate Nehring says county officials also should find “credible, long-term solutions to addiction.”

Car crashes near Everett after State Patrol pursuit

The driver and a second person in the car suffered injuries.

They chose the longshot candidate to fill a vacant seat

Sultan Mayor Carolyn Eslick will serve as representative for the 39th legislative district.

How Carleton Farms prepares for Halloween — in the summer

The Lake Stevens farm opens Sept. 30 for your pumpkin pickin’, scare lovin’, zombie-fightin’ pleasure

Expanded Community Transit service set to start

CT is adding a total of 68 new bus trips in an expansion of service approved by district directors.

Most Read