Could the attack on Google have been prevented or, at least, mitigated? The question arose when the existence of a report titled “Report on the Capability of the People’s Republic of China to Conduct Cyber Warfare and Computer Network Exploitation”, published in October, has been noticed by the general public.
According to InformationWeek, the report, ordered by the U.S.-China Economic and Security Review Commission and compiled by Northrup Grumman, was made public in October – 2 months before the attack.
“Little evidence exists in open sources to establish firm ties between the People’s Liberation Army and China’s hacker community, however, research did uncover limited cases of apparent collaboration between more elite individual hackers and the PRC’s civilian security services,” says the report. So, the possibility of the attacks being sponsored or, at least, being condoned by the Chinese government exists.
The report also gives an overview of China’s strategy regarding cyber warfare and cyber espionage and its past intrusions and actions taken against US and other foreign interests.
“China is likely using its maturing computer network exploitation capability to support intelligence collection against the US Government and industry by conducting a long term, sophisticated, computer network exploitation campaign,” the report reveals, giving warning to the top level management both in business and government.
Another thing that makes these recent attacks seem state-sponsored is that the goal wasn’t monetary. The attackers didn’t try to steal credit card numbers or bank account information, but information that was valuable to the national interests of the country (like email addresses of dissidents in Google’s case, or information about oil discoveries in the lately revealed US oil industry attacks).
To read the whole report, go here.