The former head of the CIA and NSA, Gen. Michael Hayden, says that China is launching cyberattacks against every sector of the U.S. economy. Most companies do not say much - if anything - about being hacked. But in an exclusive television interview with CNBC's David Faber, one victim describes how the cyber-attack unfolded before his eyes.
By Anna Schecter
Rock Center
This article was originally published on Oct. 11 and was updated on Feb. 22, as more information became available.
UPDATE: In a new report released this week, cyber-security firm, Mandiant, pinpointed exactly where some of the most sophisticated hackers in China are working – in or around a building that serves as a Chinese military unit's headquarters on the outskirts of Shanghai.
This elite group of hackers has been dubbed the "Shanghai Group." They've struck 141 times since 2006 across all sectors of the U.S. economy. This is the first time such a group has been tracked right to the doorstep of the People's Liberation Army.
Two major United States newspapers, The New York Times and The Wall Street Journal, reported earlier this year that their computer systems have been repeatedly targeted by hackers based in China for the past several months.
The New York Times said the attacks, which began in mid-September, were in response to a Times investigation of the relatives and family of China’s Premier Wen Jiabao. The Wall Street Journal simply stated that the infiltration was "for the apparent purpose of monitoring the newspaper's China coverage."
This is not the first time cyber-attacks originating from China have been in the national spotlight. According to current and former intelligence officials at the highest levels of government, the Chinese have playing dirty in the international spy game for years.
“This is stealing American wealth. It's stealing American jobs. It's stealing American competitive advantage,” General Michael Hayden, former head of the Central Intelligence Agency and the National Security Agency, said in an interview with NBC News.
Hayden’s comment was echoed by a House Intelligence Committee report released on October 8, 2012 warning that two Chinese telecommunications companies, Huawei and ZTE, could be funneling sensitive information back to Beijing, and cautioned American carriers to avoid doing business with them.
Intelligence Committee Chairman Mike Rogers, R-Mich., told NBC News that the Chinese have targeted every sector of the American economy.
“Everything you can possibly imagine we have seen the Chinese make a concerted effort to steal that information and use it for their own economic advantage,” he said.
That includes blueprints for the next generation of auto parts, formulas for pesticides and pharmaceuticals, and other information that makes American companies competitive in the global marketplace.
Though the United States limits its espionage to national security interests, intelligence officials said, China has launched a well-organized campaign to steal American corporate secrets via the Internet.
“I know states steal secrets. Our states steal secrets. And we're actually pretty good at it. But we self-limit. We steal things that are valuable and useful for your security, for your liberty and for your safety,” Hayden said.
One of the first to find himself on the front lines of the economic cyber war with China at the corporate level was Brian Shields. He was a computer security specialist for Nortel, a giant Canadian telecommunications company.
A success story from the early Internet age, Nortel made cell phone and computer network equipment. At its height, the company employed 20,000 people in the U.S.
Shields said he first got wind of the Chinese in Nortel’s network in 2004. An employee working in highly technical research and development saw some curious activity on a computer server. His documents were being downloaded apparently by a senior executive named Brian McFadden, who worked in a completely different department.
Shields said McFadden had not downloaded anything. Instead, someone had hacked into the computer network using McFadden’s stolen password. Shields said he discovered that seven passwords had been stolen, including that of then CEO Frank Dunn.
Though Shields could never determine who the individual hacker was, he was able to track the activity to servers in Shanghai and Hangzhou, China.
In total more than 1,400 documents were stolen including product designs and valuable customer information, according to Shields.
“They could know what companies we're buying, how much. They could know where we saw our future product. They could know where we saw our profitability,” he said.
After the attack, Shields said he watched his company steadily lose business, while a competitor, Huawei, began to grow. Nortel went bankrupt in 2009, while Huawei has become one of the world’s premiere telecommunications companies. Shields said he believes Nortel went under as a result of spying by companies like Huawei.
Most industry insiders say that Nortel was a victim of bad business decisions coupled with the burst of the Internet bubble.
A spokeswoman for Nortel said the company responded appropriately to the 2004 attacks and “found no evidence of wide spread security issues.”
Huawei has denied stealing from Nortel or any other company. In a statement emailed to NBC News, the spokeswoman said the company has "the highest respect for the intellectual property of others."
In response to October 8th's House Intelligence Committee report, a Huawei spokesman said the accusations were based on rumors. The company defended its record as a member of the Fortune 500 list of the largest companies in the world.
“For the past 25 years, we have held an upstanding record…We have been emphasizing that Huawei is committed to cooperating transparently with any and all government agencies who wish to carry out an open and impartial dialogue about our company and the products and services that have made us successful internationally,” read a Huawei statement responding to the report.
Huawei has already sold equipment to a dozen small carriers in the U.S.
The Huawei spokesman said company is a “partner to the U.S. high-tech industry” and “helps create jobs in the U.S.”
ZTE released a statement saying that the company is China’s “most transparent, independent, globally focused, publicly traded telecom company.”
Click here to read a full response from Huawei
In response to this story, China’s Foreign Ministry Spokesman Hong Lei denied stealing from any corporations, adding that last year the Chinese helped international agencies address hundreds of cyber-attacks. He said the Mandiant report linking attacks to the Chinese military was “unfounded” and “unprofessional.”
“China is also a victim of cyber-attacks, and we take a firm stance on continuously playing an active role in international cooperation,” Hong Lei told NBC News.
But top American brass said they are exasperated by China’s efforts to portray themselves as victims. Hayden said it is time to hold China accountable.
“Don't treat me like a child. We know what you're doing. We have good evidence with regard to what you're doing. And if you continue to do what you do actions will have consequences,” said Hayden.
Rogers advocated that the White House make Chinese cyber espionage the number one issue in bilateral relations with China.
“They do respond to embarrassment. And we ought to embarrass them for being thieves of the research and development of the United States of America.”
Leave a Comment:
one spammer gone!
Hmmm... If someone tracked the source of this hacking problem to a specific address, maybe it is about time for a piece of "space junk" to fall on that building... ?
If they can track this to an address half way around the world, then why can't they track down the #$%^& spammers her in our own backyard and shut them down?
who says they can't track the spammers in our own backyard?
Hey corporations take some of your massive profits and invest them in better cyber security and quit stealing the money from the taxpayer, its your responsibility to take care of security not the public. God damn leeches.
Agreed! And libtards should take care of themselves instead of constantly pushing for bigger and government paid for with obscene taxes. God damn socialist moochers.
And conbabies should stop crying about having to spend money to enforce the anti-social regulations and laws they want. Goddam fascist greedy pigs.
In other words, enough with the @!$%#ing name calling and childish "they're not doing what I want!" political bull@!$%#.
Maybe if moonbats would agree to reduce the size of government politicans wouldn't have the power to sell themselves to the highest bidder. But then again, that would require a little too much common sense for the typical moonbat imbecile.
Also, don't whine about name calling if you're going to be a hypocrite who does the same.
now now now kids-----China already owns us and have since the Bush / Cheney administrations---
China has been sending contaminated products to this country for many many years and yet they still hold favored trade status----because they own us and would like to see us all dead at best or crippled at worse
I would be referring to the government not the people in general----
It is my belief that China would like to see N. Korea do the dirty to su thus taking care of China's dirty work and yet leaving them looking innocent
toodles
FYI its OUR multinationals that are there sending stuff back to us, not the chinese. And just to keep things in perspective, ever hear of steroid meningitis etc etc... its not like our stuff is perfect all the time. And the worst lethal industrial accident of all time is... Union Carbide in Bhopal India where a US company killed thousands. Just imagine if a chinese company did that! Easy to have amnesia on our own behavior though.
so we know what is happening and what is the responce? Next weeks new cycle will be something else.
haha There's no proof China did anything!
I believe that our companies should be using more powerful security for their computers. The companies that are doing this terrible crime should be punished severly for what they did. I know that nobody is safe anymore from hackers and it will just get worse before it gets better, but why don't our companies pay more attention to security? We are all responsible for our own safety and we have to be more up-to-date on everything that we do.
Amen to that! "The heart is deceitful above all things, And desperately wicked; Who can know it? Jeremiah 17-3
i think ovomit should stop ALL chinese products from importation into the united states! that would give the slants something to think about!
So, you're short-sighted with regards to how the economy works, AND you're a racist. Yeah, we should totally do what you suggest.
I think all the Tea-tagger CONservative business owners should stop sending U.S. jobs to China.
I'll bet that about half of the Chinese here in the USA--are spies....
There have been some high profile cases, and I am sure others will come to light.
Just like half the Russian Americans are spies for Moscow, or how half the Cuban immigrants are spies for Havana! Hell, that mexican joint down the street? They're all spies for the Mexican government, or worse, the drug cartels!
That may not be far from the truth. In 2002, Fred Rustmann, Jr., a high-ranking CIA officer (retired), wrote a book, CIA, INC. In it he described exactly what the Chinese do and how they penetrate into companies and steal their precious secrets. This has been going on a long time. He has a company that ferrets out corporate spies, and etc. It is expensive to rent-a-spy. Some old retired CIA guys will be rent-a-spies, but they do not come cheap. I guess all those greedy capitalists may have to dig into their profits and hire these guys. I guess the CEO's will have to settle for a little less pay, poor dears. That book is a fascinating read. It has several old cold war spy tales which are cool.
Of course, things might be more secure for these capitalists if they didn't complain so much about taxes. You get the security you pay for. Perhaps if they funded government agencies better, they could be protected better like back in the cold war. It might be worth submitting to a higher tax rate like back in the 1960's for the sake of safety and the U.S. being the number one economic superpower again like it once was.
R&D is very expensive. Who wouldn't want to bypass that cost?
and insider info pays off handsomely when you bypass the risks.
this mentality is the same kind that got us putting in concentration camps tens of thousands of innocent Japanese during WW2
@Empress-409341: I agree .. America's #1 problem is ego-centricity. 'We' think we are so much smarter than China but China has been around for thousands of years and America has only been around for a few hundred. 'We' are too trusting and it's going to get painful before we learn.
Last night I saw a report on Chinese couples hiring American surrogates so their children can obtain dual citizenship .. supposedly for easier university admittance. Just another way to infiltrate and bypass legal immigration.
Also, a gun control officer told me that in this county, the highest number of people applying for concealed weapon carrier permits are Chinese.
The puzzle starts to assemble itself.
An article published just a few years ago indicated that the FBI estimates that a large majority of ANY Chinese businesses in this country harbor intelligence gathering individuals tasked to infiltrate, by what ever means, into college and university research programs, high tech businesses and defense contractors. They are a known element here and their numbers are growing while, apparently, the FBI sends naked pictures of each other for kicks and giggles..........
If China is going to steal trade secrets from us, why don't we deduct what we feel the secrets are worth from the money we owe them? Just saying
Dear BubaEinstein,
Please do not use the term "just saying". It has outlived its usefulness.
Signed,
The rest of the world
And they'd steal everything else in sight as well . . . admit it! . . . Don't pretend that anybody's playing by any rulez.
Let's organize a posse and go steal China's IP! Oh, wait, there's nothing there to steal - how embarrassing.
The US government is honest and would never steal that type of information. I know this because that's what the US government told me to believe.
The US government would never steal company secrets from companies in other countries. I know this because the US government tells me this. They would never lie to me.
Hilarious, really- if you love irony as much as I do.
What Russia failed to accomplish by supporting Mao's "Great leap forwards" with the foundations of a machine tool economy, we accomplished by accident.
We did so with massive infusions of wealth directed into China by a few short-sighted fools bent on driving the ship of state onto the rocks of greed- thereby making the theft of our future more easily accomplished.
Thank you, Mr Nixon, and all the others who made this possible.
Bravo, you traitors- you've turned the big brother of barbaric, floundering North Korea into a sophisticated first world power which is already victorious in a war of economies- and which may shortly be engaged in a physical war with us for the assets of the Pacific surrounding the territories we still claim there- if not for long.
Well put Rusty but I'm doubting many of the posters don't know diddly about Nixon
Too many others don't realize they buy the Koch Bros propaganda OR the Obama propaganda
they be sheep following a judas goat through the slot to slaughter
Chuck Fina... AND, their magnificent US retail outlet - Wal-Mart...
""Intelligence Committee Chairman Mike Rogers, R-Mich., told NBC News that the Chinese have targeted every sector of the American economy.
“Everything you can possibly imagine we have seen the Chinese make a concerted effort to steal that information and use it for their own economic advantage,” he said.""
We know that this is a fact and to my thinking this is an act of war. We have have few choices.
1- Genrerate millions of viruses and send them every second of every day until they get the message..
2- Bomb the crap out that building and wipe it off the face of the Earth. I know this sounds drastic, but what's more drastic than spying on us and stealing out technology .
3- Remember Teddy R. "Walk sofetly but carry a big stick". We still have the big stick.
If one reads,studies and understand the Chinesse way of doing things, they don't live for the short immediate gain or time. They plan for the next one hundred to five hundred years.
When the hell are you people going to realize this. Keep sitting on you fat arsses and you'll be dead before you even know it happened.
Your 3 is not a choice :)
Also, even a kid knows by now that either of your options would be futile since the current China is more than capable of responding in kind, with twice the power and intensity
Remember, China killed our pets with their poison additives in our Pet foods.
They caused our children horrible medical problems with their additives of lead to our childfrens toys.
They sold us cncer casing wall boards for our contruction of new homes.
How many times does it take before you realize that these people don't give a rats ass about America or even their own people.
Well they're Communists aren't they?
Paul Simon: "still commies after all these years"
And what is America going to do about it? Nothing.
Do you think that the U.S. is not doing exactly the same thing but WORLDWIDE?
How naïve of you all.
How stupid of you? What does China have that we need to hack into their companies and their government computer systems? Perhaps we're trying to steal the recipie for dog food contaminated with plastic or tainted baby formula! Think for a minute... we're the good guys, remember... we're not out to destroy the Chinese....DUH!!
lack of intelligence leads to drastic theft. they are always competing, their space program; do not pay them for the outstanding debt. Must be sad to know that they will always be second rate.
And what is President Barack "I'm Ready for That 3AM Phone Call" Obama doing about it? Well besides playing golf with the philanderer Tiger Woods, all I can hear are crickets...
because your comment is so stupid it isn't actually worthy of further comment
"because your comment is so stupid it isn't actually worthy of further comment"
Well actually you did comment. But you are right as saying it was a stupid comment. Mark, opinions are like a s s h o l e s, everybody has one. You uncovered a comment that makes no sense. What does Tiger Woods, his bedroom life and crickets have to do with China?
Scriptwiter I don't know why Barack Obama or the DOD hasn't come out and given a SuperBowl style press conference on the cyber warfare they are waging. You know they did that right before DDAY and it allowed us to take Normandy by surprise. ...Think before you type....maybe you hear crickets because your supposed to.
Im an American living in Chongqing China. Trying to do business here is like swimming with snakes. There is no concept of business ethics whatsoever. Stealing and breaking rules is completely normal here, so is lying with a totally straight face. Of course the Chinese hacking of American companies is true.
What Americans don't realize is that the mentality here is that of a war zone or ghetto. The average person's life is pretty bad--very low salaries, poor working conditions, monster bosses--and there is no way to break out the trap. Yet luxury items and the better life of foreigners is tantalizingly close enough to see and touch, so there is a burning urge to break out and grasp that brass ring. That desperation combined with a complete lack of faith has created a totally amoral way of thinking. Their way of looking at things, negotiating--everything is totally different from what we would consider "reasonable." Paying someone or cheating is a perfectly acceptable alternative to rules here. There is almost no recourse for anyone who has been wronged, so everyone accepts this situation as "the way things are."
America needs to acknowledge this in a much bigger way. Computer hacking safeguards need to be increased exponentially and due diligence with regards to Chinese companies needs to be greatly increased on every level. The only way things will change in China is if there is absolutely no tolerance for their way of doing things.
I totally agree. Most people here in the US assign the same moral concept we grew up with to the Chinese and they laugh at us as they lie and sell us shoddy and dangerous products and hack our government and business secrets.
I'm sure the President has already assigned the NSA the highest priority to deal with this and he doesn't tell us because we don't need to know until a positive outcome is realized.
All these people complaining about him and how he conducts business better be glad they live here and have the right to do that. Complain in China and you're jailed and possibly never seen again.
Awesome post, Rob. I appreciate a first-hand view of what I had only read about. I understand (intellectually) how incredibly different it is to consider human life and ethics as no more than conveniences easily ignored, discarded, or avoided.
Such disregard is inherent in tyrannies, whether monarchical or Communist, Stinkfeet - it doesn't matter what excuse the leaders use for their abuse, it's still tyranny.
And thank you, Michael, for actually posting one of the first intelligent comments about our government I've seen on these chats in a long, long time!
NO tolerance means NO one in America should buy any of the CRAP made from China...however, we don't always know where our stuff is coming from or which ingredients have been imported from China and put into our products made in the USA. Dependence on other countries including China for products and raw materials, or cheap manufacturing makes it almost impossible to have zero tolerance. What exactly would a zero tolerance policy look like?
I accept international students into my home as a homestay parent, and recently had a 26 year old Chinese student assigned to me. She had worked for a few years in the import/export business in China before deciding to come to the US to learn English. I have had many international students stay with me through the years, but this was my first Chinese student. Within a few short weeks I was
put in a position where I had to ask her to leave. I have never felt so violated and lied to as I did with her.
I manufacture and sell wholesale natural skin care products through a home based business. I was shocked and horrified by her predatory actions towards my business. I make my products at home, and my inventory is sitting out where it can be accessed by anyone who comes to my home. I was welcoming towards her, and since we shared an interest in business, she and I talked at times about my products. When I gave a product to her as a gift, she turned around and sent it to her friend in China to see if they would be able to produce the same thing cheaper there, and import it here. She had no qualms about what she did, and voluntarily told me she had done that. Furthermore she told me that her friend really liked it, and thought it might sell well. I told her that the reason I gave it to her as a gift was to strengthen the bond between us, and she sort of understood. I said that by sending it to her friend in an attempt to put me out of business, she had done exactly the opposite of what I had intended, and had undermined my trust of her. I think she understood when I explained it to her.
One of the major selling points of my products is that they are locally produced and hand made. She kept trying to convince me that I would do better for my business if I contracted with a company in China and had them make them for me. She had no concept of the value of handmade, or locally produced items, and did not understand why that would be important. She was being polite when she said this and acted innocent when she was offering it, saying that it would be for my benefit. So, I said I'm not interested in that, but asked her if she would be able to help me find distributors for me in China so that I could make products here and send them to sell to customers in China. She looked almost hurt, and said that she might be able to help me with that and then changed the subject. She knows full well how much Chinese imports to the US help China and hurt us.
Ultimately though the last straw was when inventory began to go missing. When I questioned her about it, the products began to magically reappear. It turns out she was selling them on the college campus.
She was out of my house within 24 hours. She really didn’t understand why she was kicked out. But there is a limit to what I am responsible to teach her about American culture.
The Chinese are just copying what the Russians started. The book "KGB Today" by John Barron copyright 1983 outlines the strategy by Russia to infiltrate the US and steal company secrets. Their people were trained for years to come to the US, get jobs with our companies, and steal everything of importance.
That is why I have an objection to the recently passed law that allows foreigners with higher degree education to become citizens more easily than others. Unfortunately, there has been no recognition in the media that some foreign students and the hiring of non-citizens has been detrimental to the US.
I think there are limits to the advantages of "globalization" when it undermines the integrity of a nation.
@Rob#20:
Things really aren't that much different in America. Sure, there are a few good companies and good managers, but for the most part American businesses are comprised of liars and backstabbers. Where it was once about producing a better product and servicing customers better, the government has allowed monopolies and duopolies to run rampant over American workers who subsist in an environment of 25% unemployment. Take the telecommunications industry as an example. One of the most vital industries in America is ruled by a company comprised of managers and people that lie and steal from people on a daily basis. Nothing will change until we quit allowing lobbyists to buy the legal system in this country. 99% of us have the power . Until we band together nothing will change, and our country will continue down a path to destruction.
I like Bryan Williams in a small way like other anchor men. He brings a bit of stability to the news. In the shades of past giants like John Cameron Swayze. A pleasing voice and intro butt no heart. The last of the Dinosaurs like Roger Mud and Cronkite make him look like a street pimp for the networks. The media is dead. It devoured itself..
http://www.bing.com/videos/search?q=John+Cameron+Swayze&mid=1A8664E0C383E7D858D51A8664E0C383E7D858D5&view=detail&FORM=VIRE1
Just a thought, Chinese hacking into financial networks, N. Korea working on their nuke program. Sounds like a work up to attack some of our Allies or even worse.. the U.S.. And here we sit bickering while our rights and freedoms are slowly being taken away. Wake up America. Its not about Dems and Repubs, its about the people. Stop being sheep and stand up for what is right. You are all cattle being led to the slaughter.
WE, workdog. WE are all sheep and are being led quite merrily to the slaughter. We'd rather bitch about same-sex marriage and whether the Kardashians get too much air-time. I wonder how quick the anti-gun people will shut up if (when) we're attacked again? Of course, it's less bloody to ruin our economy via cyber attacks...
But you are absolutely right that WE need to stop being sheep and stand firm - and never mind the PC BS, either!
Yes - you Workdog and enraged1....
You both need to stop shopping at Walmart and quit purchasing everything you own with the "Made in China" label. That's how you can stop being 'sheep merrily being led to the slaughter'
China is doing that to steal more intellectual property, same as they have been doing for over 5,000 years. They have no creativity, all the Chinese can do is copy, steal and take advantage of any opportunity for their greedy rulers. The US should place an embargo on all Chinese imports, as they accounted for 80% of the $1.2 Trillion lost to counterfeit in 2011, which figure is expected to rise to $1.78 Trillion by 2015. Just google "counterfeit" and "$1.2 Trillion" and you will find dozens of us and European sources of the same exact data by reliable academic, industry and government, sources. They should put a fence around China and not let anybody out, not let their junk products into our countries and erect the strongest, most huge cyber firewall around China! Let them kill, hack and cheat each other!
Um, Susan, your bigotry is showing. The Chinese invented gunpowder, pasta, paper... to name just a few things. Don't quote pretend facts to justify your anger - it isn't necessary since the rest of your post showed you did at least a little research to support it.
The theft going on today is not from the people of China. It is from those in power who are the only ones with any authority to DO anything in that poor country! There are millions of Chinese who only want to live their lives as you do. Let's not do as they do and pretend they're not people...
Building a cyberwall around China isn't a bad idea. I wonder if we could do that?
Susan, you have a brain of a Kid, lots of vengeance without any intelligence. CIA is the best thief in the world, and if CIA can't steal, then CIA bribes and hires them to work for NASA or some hi-tech companies.
The biggest problem with the billions spent on cyber security is that you you cant fix stupidity.
If you have a server that has "Trade Secret" stuff on it, don't hook it to the internet.
Problem solved....
Many networks do have very little security, because of who is using them.
There are ways around that as well.
It is possible to use a computer that it not internet accessible, really, it's true. If a company cannot maintain security and privacy, does that mean that security and privacy will not exist because a company cannot operate without computer networks? What did these companies do 50 years ago? There has to be a monetary value on security and privacy, then how to operate within those parameters should be a deciding factor on how much or what kind of technology is beneficial to those companies. Yeah, we all like using computers, admit it. More than we care about offering security.
Using a computer that is not internet accessible is no guarantee of security. All it takes is someone with a thumb drive to mess it up.
Reader there are additional steps. For maximum security the following procedure is called for.
1. System is not networked
2. System is in maximum security locked area, accessible only by members of a list with all access recorded.
3. System has no USB or other media device access (card readers, disk drive, etc)
While still not 100% as someone could remove the hard drive, this would become obvious, and there would be a record of who that person was.