Chinese government is innocent of cyber attacks until proven guilty
Circumstantial evidence alone should not condemn Beijing of sponsoring hacking of U.S. companies
Follow @rogeragrimesEver since reports emerged about Chinese cyber attacks on several companies, including Google, the media has been full of stories accusing none other than the Chinese government (or its agents) of the dirty deed. For those of us inside the computer security industry, there's nothing new about suspecting the Chinese government of malicious hacking. What's missing in this case, however, is evidence; until that proof materializes, I refuse to point the finger at Beijing.
I'll readily admit that the Chinese government has a dubious track record when it comes to malicious hacking. The first public allegation of Chinese military hacking was back in 2005 with the Titan Rain project. Today, we have many well-documented cases of hacking originating from China (just use an Internet search engine to be overwhelmed). There are plenty of public whitepapers about Chinese government hacking programs. Among the most recent respected papers are Northtrop Grumman's "Capability of the People's Republic of China to Conduct Cyber Warfare and Computer Network Exploitation," and the 2009 "U.S.-China Economic and Security Review" report to Congress.
[ InfoWorld's Roger Grimes explains how to stop data leaks in an enlightening 30-minute webcast, Data Loss Prevention, which covers the tools and techniques used by experienced security pros. ]
Moreover, I'm personally familiar with many cases where government and military secrets have been hacked and sent to Chinese-originated IP addresses. It's the world I have lived in for the past two-plus years. Chinese hacking of government and military information is rampant.
But I've yet to see a shred of evidence that the Chinese government is involved in any of these incidents.
Let me clear here that I am speaking on behalf of myself, not my employer or any company I've consulted. Also, let me say that I haven't had access to classified data on the issue.
Additionally, I'm not defending China for such actions as blocking free access to any information (with the notable and understandable exceptions of child pornography, classified information, etc.). I can't understand any society tolerating filtered search queries. Moreover, I certainly believe that the Chinese government is capable of sophisticated hacking. I even believe it's likely that the Chinese government would engage in that sort of activity.
