Here's a bit from a recent fcw.com report by Josh Rogin:
Published on Feb. 13, 2007 NORFOLK, Va. -- At the Naval Network Warfare Command here, U.S. cyber defenders track and investigate hundreds of suspicious events each day. But the predominant threat comes from Chinese hackers, who are constantly waging all-out warfare against Defence Department networks, Netwarcom officials said.
Attacks coming from China, probably with government support, far outstrip other attackers in terms of volume, proficiency and sophistication, said a senior Netwarcom official, who spoke to reporters on background Feb 12. The conflict has reached the level of a campaign-style, force-on-force engagement, he said.
"They will exploit anything and everything," the senior official said, referring to the Chinese hackers' strategy. And although it is impossible to confirm the involvement of China's government, the attacks are so deliberate, "it's hard to believe it's not government-driven," the official said.
The motives of Chinese hackers run the gamut, including technology theft, intelligence gathering, exfiltration, research on DOD operations and the creation of dormant presences in DOD networks for future action, the official said.
This is serious national security stuff reported on one of the government IT sector's most widely trusted sites - and the rest of the report is worth reading too.
These attacks are no different in strategic principle than the low-level submarine warfare that went on between the U.S. and the Soviet Union during much of the Cold War - and have the same potential to flare into larger, more dangerous, conflicts. The big difference, however, is that civilian infrastructure was not a target for either side during the submarine "games" - but today everything done at the state level to penetrate or hamper American national security information flows is directly applicable to most civilian IT infrastructure.
And why should you care? Because when the Chinese, or anybody else, learn how to successfully attack computers at the American Naval War College, they've also learnt how to take your network down - and therefore threaten, not just the production of an informed officer corps, but the entire world economy.
In the particular case of Wintel usage in the civil economy the thing that most works against any effective defence is the smoke and noise raised by our experience with kiddie clicker class attacks. The daily cycle of patches, attacks, and detector/remover upgrades blinds us to the reality that most of these attacks are extremely lightweight efforts when viewed from both intellectual and organisational perspectives - but the foreground hysteria they generate hides the reality that we have essentially no defences in place against more sophisticated threats.
As I mentioned a few weeks ago, both out-sourced code maintenance done in places like Pakistan and Wintel component manufacture in countries like China and Singapore expose the entire world economy to the risk of IT sabotage by religious or nationalist fanatics recruited by Chinese or other government agents.
Last week a minor systems failure at United Airlines left passengers stranded around the world and created cascading effects that took several days to ripple through the system. That was almost certainly not someone's trial run, but you should think of it as a warning and ask yourself what you're doing to protect the world from malicious shutdowns in the financial, transportation, or power generation and distribution networks?
Nothing? Because it's not your problem and besides everybody else is using the same tools, the same applications, and interchangeably the same people you are? Great, remember that bromide about the price of liberty? It has a corollary: what you don't protect, you lose - and as an industry we're so enthralled with the employment guarantees afforded by the click and drool crowd that we've become oblivious to the greater danger posed by people with more resources and subtler agendas.
But they're there - and it's long past time we got serious about the threats they pose.