WikiLeaks docs and Iran hack expose cyber wars

Leaked documents show China's involvement in Google attack, while Iran admits Stuxnet exploit shut down uranium processing

When Google blamed China for compromising sensitive computers on its network, many security professionals dutifully reminded people that, on the Internet, anyone can be China. When Stuxnet first came to light, theories abounded that the program had been designed by a nation-state to attack Iran's nuclear program. Many security researchers again pooh-poohed the idea. But on Monday, evidence mounted that both incidents are examples of hidden nation-state activities on the Internet.

In the first case, one of the more than a quarter-million U.S. diplomatic cables released by WikiLeaks on Friday confirms that sources inside China blame the Chinese government for the attacks on companies, such as Google, as well as on human rights groups. In January 2010, Google accused China of sponsoring attacks against the firm and other companies. Security experts maintained at the time that Google was probably certain of the source of the attacks to have made the statement -- with the caveat that such attacks are notoriously difficult to attribute.

While China has denied attacking U.S. companies and human interest groups in cyberspace, at least one of the diplomatic communiques released on Friday points a finger at the Chinese government, saying it had a direct hand in the attacks. According to the New York Times' account of the memos released by WikiLeaks:

China’s Politburo directed the intrusion into Google’s computer systems in that country, a Chinese contact told the American Embassy in Beijing in January, one cable reported. The Google hacking was part of a coordinated campaign of computer sabotage carried out by government operatives, private security experts and Internet outlaws recruited by the Chinese government. They have broken into American government computers and those of Western allies, the Dalai Lama and American businesses since 2002, cables said.

Attacks on various government agencies and nongovernmental human rights organizations, including a massive botnet used for surveillance of the office of the Dalai Lama, have also been linked to the Chinese government. The Chinese government's regular response to such accusations is to deny them.

Nations are finding the Internet a perfect vehicle for damaging attacks, albeit not of the physical variety. Stuxnet's targeting of nuclear processing facilities is case in point: Iran confirmed on Monday that the attack caused it to shut down its uranium processing activities temporarily.

"They succeeded in creating problems for a limited number of our centrifuges with the software they had installed in electronic parts," President Mahmoud Ahmadinejad said on Monday, according to Reuters. No nation has yet been linked to the Stuxnet attack, yet experts point to the United States and Israel as likely candidates.

For nation-states, attacking through the Internet is a deniable, yet effective, option. Cyber attacks do not attract the same level of outcry and criticism as, for example, the assassination of key nuclear scientists using car bombs, which also happened on Monday.

Iran's revelation and the existence of the diplomatic cable fingering China should confirm that the United States and other nations are taking both the benefits and threat of cyber espionage efforts seriously.

This article, "WikiLeaks docs and Iran hack expose cyber wars," was originally published at Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog.


Copyright © 2010 IDG Communications, Inc.

InfoWorld Technology of the Year Awards 2023. Now open for entries!