Hacker Attacks Linked To Chinese Military

[vector7]

Cyberattack on US Nuclear Lab Linked to China

Hackers' trail leads to Chinese locations, but could be red herring

(Newser) – The coordinated cyberattack into the nonclassified portion of a US nuclear laboratory may have originated in China, says a Homeland Security memo obtained by the New York Times. The memo includes a list of offending internet addresses associated with locations in China, but points out that hackers commonly bounce their signal off of compromised computers to obscure their trail.

Officials at the Oak Ridge National Laboratory said the attacks took the form of seven separate ‘phishing’ emails, made to look legitimate and sent thousands of times to lab employees, which contained surveillance software disguised as attachments. “At present we believe that about 11 staff opened the attachments, which enabled the hackers to infiltrate the system and remove data,” said the lab’s director.

[vector7]

China hackers break into five oil companies

Computer hackers based in China have infiltrated five multinational oil companies, according to a new report.



The hackers targeted five large oil and gas companies Photo: CLARE KENDALL

By Malcolm Moore, Shanghai 8:07PM GMT 10 Feb 2011

The "Night Dragon" attacks, as they have been dubbed, are now being investigated by the United States Federal Bureau of Investigations (FBI).

Starting as early as 2007, the attacks were "coordinated, covert and targeted", according to a report by McAfee, the computer security company.

McAfee said the hackers targeted five large oil and gas companies, but did not identify them by name. The attacks successfully obtained information about oil and gas field operations, including the configuration of equipment, and financial documents relating to bids for oil and gas concessions and drilling rights.

Dmitri Alperovitch, a researcher at McAfee, suggested the attacks had been commercially motivated. "The information is tremendously sensitive and would be worth a huge amount of money to competitors," he said.

He added that the attacks had occurred strictly during working hours, Beijing time, and that the hackers appeared to be like "company worker bees".

[American Patriot]

You know... these fuckers need to learn a lesson and if we don't do it.. no one will.

It's about God Damned Time Obabyma grew a fucking pair of balls and called them and said "quit it, now or else".

I don't see why our hackers are hacking them to death

[vector7]

'What If?' Scenario: Cyberwar Between US And China In 2020

Posted on: Thursday, 24 March 2011, 13:50 CDT



Fellow at Rice University's Baker Institute projects what might happen

As Iran's nuclear plant attack and Chinese-based hackers attacking Morgan Stanley demonstrate how the Internet can wreak havoc on business and governments, a new paper by a fellow at Rice University's Baker Institute for Public Policy hypothesizes what an all-out cyberwar between the U.S. and China might look like.

To date, the cyberattacks in East Asia have been relatively benign, said Christopher Bronk, author of "Blown to Bits: China's War in Cyberspace, August–September 2020," published this month in the U.S. Air Force journal Strategic Studies Quarterly. Bronk is a fellow in information technology policy at the Baker Institute and a former U.S. State Department diplomat.

"Web pages are defaced, allegations of espionage are leveled and, generally, a status quo of sorts is maintained. The threat politics of the cyberdomain, however, do not stand still," Bronk said. "China has been deeply impressed by U.S. information dominance since the 1991 Gulf War.

China has produced a considerable literature of strategic studies for cyberoperations while developing a national firewall system that shields the country from a considerable portion of Web content.

"The United States, too, has made strategic moves in cyberspace and is in the process of building a Department of Defense cybercommand that will manage the efforts of thousands of civilian and military 'cyberwarriors,'" Bronk said.

With an increasing number of countries around the globe developing military cybercapabilities, Bronk chose to consider how a conflict with major cybercomponents might appear. "Basically, many in the information-security community have been saying either, 'We're in a cyberwar with China' or 'It's time to prepare for a cyberwar with China.'

The points I'm trying to make are, first, that cyberwar is not a substitute for real warfare but instead may be a component of conventional or unconventional military action, and second, that there's a great deal of very conventional thinking on this very unconventional topic."

[vector7]

China's Blue Army of 30 computer experts could deploy cyber warfare on foreign powers

• Leo Lewis
• From: The Times

CHINA has admitted for the first time that it had poured massive investment into the formation of a 30-strong commando unit of cyberwarriors - a team supposedly trained to protect the People's Liberation Army from outside assault on its networks.

While the unit, known as the "Blue Army", is nominally defensive, the revelation is likely to confirm the worst fears of governments across the globe who already suspect that their systems and secrets may come under regular and co-ordinated Chinese cyberattack.

In a chilling reminder of China's potential cyberwarfare capabilities, a former PLA general told The Times that the unit had been drawn from an exceptionally deep talent pool.

"It is just like ping-pong. We have more people playing it, so we are very good at it," he said.

The Blue Army, which comprises a few dozen of the best talents China has to offer, are understood to have been drawn from various channels, including existing PLA soldiers, officers, college students and assorted "members of society".

Confirmation of the existence of the Blue Army came during a rare briefing by the Chinese Defence Ministry whose spokesman, Geng Yansheng, said that the unit's purpose was to improve the security of the country's military forces.

Organised under the Guangdong Military Command, the Blue Army is understood to have existed formally for about two years, but had been discussed within the PLA for more than a decade. A report in the official PLA newspaper said that "tens of millions" had been spent on the country's first senior-level military training network.

Xu Guangyu, a senior researcher of the government-backed China Arms Control and Disarmament Association, described the existence of the Blue Army as a great step forward for the PLA and said that China could not afford to allow "blank spaces" to open up in state and military security.

"The internet has no boundaries, so we can't say which country or organisation will be our enemy and who will attack us. The Blue Army's main target is self-defence. We won't initiate an attack on anyone," he said.

In a comment that many foreign governments will argue dramatically understates the true balance of cyberwar capabilities, Mr Xu added: "I don't think our Blue Army's skills are too backward compared to those of other countries."

In a recent test of its powers, reported the PLA Daily, the Blue Army was thrust into a simulated cyberbattle against an attacking force four times its size and left to defend China's military networks against a bombardment of virus attacks, massive barrages of junk mail and stealth missions into the inner sanctums of military planning to steal secret information on troop deployment. The Blue Army, predictably, triumphed.

Asked whether the unit had been set up specifically to mount cyberattacks on foreign countries, Mr Geng said that internet security had become an international issue with an impact on the military field of battle. China, he added, was also a victim and its abilities to protect itself from cyberattack were very weak.

Even without the PLA's acknowledgement of the existence of the Blue Army, sources throughout the internet security industry have long believed that Chinese-based hackers are the single largest source of worldwide cyberattacks.

A report on cyberespionage last year by the US anti-virus software maker Symantec found that more than a quarter of all attempts to steal sensitive corporate data originated in China and that the eastern city of Shaoxing was the single largest generator of attacks. Western intelligence sources believe that many Chinese-originated attacks are carried out by hackers with links to the PLA or the Chinese Government.

[vector7]

Companion Thread:

• The China Threat

China suspect in US satellite interference: REPORT

Oct 27 04:29 PM US/Eastern



NASA satellites were interfered with four separate times in 2007 and 2008, possibly by the Chinese military, according to a draft of an upcoming report for the US Congress.

The latest draft of the report by the US-China Economic and Security Review Commission said the computer hackers behind the interference gained the ability to issue commands to one of the satellites on two occasions.

The targeted satellites are used for observation of the earth's climate and terrain, according to the report to be submitted to Congress on November 16. A copy of the latest draft of the report was obtained by AFP on Thursday.

It said the account of the interference with the satellites came from a May 2011 briefing for the Commission by the US Air Force.

The hackers appear to have exploited the information systems of the Svalbard Satellite Station (SvalSat), a commercially operated satellite ground station in Spitsbergen, Norway, to gain access to the satellites, the report said.

SvalSat relies on the Internet for data access and file transfers, it said, citing a recent National Aeronautics and Space Administration report.
On October 20, 2007, Landsat-7, a US earth observation satellite jointly managed by NASA and the US Geological Survey, experienced 12 or more minutes of interference, the report said.

Landsat-7 experienced another 12 or more minutes of interference on July 23, 2008, the report said.

It said that on June 20, 2008, Terra EOS AM-1, a NASA-managed program for earth observation, experienced two or more minutes of interference, it said.

It said the hackers behind the interference with Terra EOS AM-1 "achieved all steps required to command the satellite but did not issue commands."

On October 22, 2008, Terra EOS AM-1 experienced nine or more minutes of interference, the report said, and "the responsible party" again "achieved all steps required to command the satellite but did not issue commands."

"Such interference poses numerous potential threats, particularly if achieved against satellites with more sensitive functions," the report said.
"For example, access to a satellite's controls could allow an attacker to damage or destroy the satellite," the commission said.

"The attacker could also deny or degrade as well as forge or otherwise manipulate the satellite's transmission," it said. "A high level of access could reveal the satellite's capabilities or information, such as imagery, gained through its sensors."

The report stressed that it was not recounting the incidents "on the basis of specific attribution information" but rather "because the techniques appear consistent with authoritative Chinese military writings."

"Authoritative Chinese military writings advocate for such activities, particularly as they relate to ground-based space infrastructure, such as satellite control facilities," the report said.

The draft report also accused China of being behind a "range of malicious cyber activities" including state-level involvement in cyberattacks, industrial espionage and the compromise of US and foreign government computer systems.

"In 2011, US and foreign government organizations, defense contractors, commercial entities, and various nongovernmental organizations experienced a substantial volume of network intrusions and attempts with various ties to China," the report said.

China has repeatedly denied any state involvement in cyberattacks against government agencies and firms, including well-publicized attacks on Internet giant Google that sparked a row between Washington and Beijing.

[Ryan Ruck]

Wow, any bets on this going largely unreported in the press?

[American Patriot]

hmmmm I can't comment... lol

[Malsua]

Frickin Chinese just don't know when to leave well enough alone.

[American Patriot]

Let's just say if they touch a military asset, they won't like the consequences.

[vector7]

China Linked to Cyber Attacks on 48 Chemical and Defense Companies

• Posted on November 1, 2011 at 2:43pm by Liz Klimas

• Comments (33)

BEIJING (The Blaze/AP) — A U.S. computer security company says from its analysis, cyber attacks on at least 48 chemical and military-related companies in an effort to steal technical secrets have been traced to China.

The targets included 29 chemical companies and 19 others that make advanced materials used by the military, California-based Symantec Corp. said in a report. It said the group included multiple Fortune 100 companies but did not identify them.


Figure 1 from Symantec's report: This data is derived from the IP addresses of machines connecting back to the command and control server. The majority of infected machines are located in the US, Bangladesh and the UK; however, overall there is wide geographical spread of infections.

“The purpose of the attacks appears to be industrial espionage, collecting intellectual property for competitive advantage,” said the report.

This news comes in as China is also denying an accusation made last week by the U.S.-China Economic and Security Review Commission that the country hacked into two U.S. weather monitoring satellites, Reuters reports. The commission states that it hasn’t actually traced these weather satellite hacks back to China, but that the hacks appear consistent with “with authoritative Chinese military writings”.

Security experts say China is a center for Internet crime. Attacks against governments, companies and human rights groups have been traced to this country, though finding the precise source is nearly impossible. China’s military is a leader in cyberwarfare research but the government has rejected allegations of cyberspying and says it also is a target.

The latest attacks occurred between late July and September and used e-mails sent to companies to plant software dubbed “PoisonIvy” in their computers, Symantec said. It said the same hackers also were involved in attacks earlier this year on human rights groups and auto companies.

Symantec said it traced the attacks to a computer system owned by a Chinese man in his 20s in the central province of Hebei. It said that when contacted, the man provided a contact who would perform “hacking for hire.”

Symantec said it could not determine whether the Chinese man was a lone attacker, whether he had a direct or indirect role or whether he hacked the targets for someone else. It called him Covert Grove based on a translation of his Chinese name.

The U.S. and Chinese governments have accused each other of being involved in industrial espionage.

Security consultants say the high skill level of earlier attacks traced to China suggests its military or other government agencies might be stealing technology and trade secrets to help state companies.

The chairman of the U.S. House of Representatives Intelligence Committee, Rep. Mike Rogers, said last month that Chinese efforts to steal U.S. technology over the Internet had reached an “intolerable level.” He called on the U.S. and other governments to pressure Beijing to stop.

Another security firm, McAfee Inc., said in August it had found a five-year-long hacking campaign that it called Operation Shady Rat against more than 70 governments, international institutions, corporations and think tanks.

In February, McAfee said hackers operating from China stole information from oil companies in the United States, Taiwan, Greece and Kazakhstan about operations, financing and bidding for oil fields.

Thousands of Chinese computer enthusiasts belong to hacker clubs and experts say some are supported by the military to develop a pool of possible recruits. Experts say military-trained civilians also might work as contractors for companies that want to steal technology or business secrets from rivals. Earlier this year, The Blaze reported on evidence that showed a Chinese military university engaging in cyberwarfare against the U.S.

China has the world’s biggest population of Internet users, with more than 450 million people online, and the government promotes Web use for business and education. But experts say security for many computers in China is so poor that they are vulnerable to being taken over and used to hide the source of attacks from elsewhere.

Last year, Google Inc. closed its China-based search engine after complaining of cyber attacks from China against its e-mail service.

That case highlighted the difficulty of tracking hackers. Experts said that even if the Google attacks were traced to a computer in China, it would have to be examined in person to be sure it wasn’t hijacked by an attacker abroad.

[Ryan Ruck]

China Bolstering Cyber Defenses For Modern-Day Warfare

November 7, 2011

The People's Liberation Army is preparing for battle, but this time in the realm of cyber warfare, setting up special units and deploying experts estimated to be in the several tens of thousands.

"You can take the initiative in war if you control cyberspace covering the whole globe," said Col. Si Guangya at the National Defense University, who is involved in information warfare.

Si positions cyberspace as "a stronghold for national security more important than the ocean."

The Lanxiang vocational school in Jinan, Shandong province, is said to be training computer engineers for the PLA.

An Asahi Shimbun reporter was recently allowed onto the school's 130-hectare campus with the permission of school officials.

The No. 5 computer training room, with rows of the latest models of personal computers, was on the top fifth floor of a new building, which was under particularly tight security.

The reporter was stopped by a man when he approached the room.

People entering and leaving the school premises are closely monitored, and men who appeared to be government officials were seen out and about, wearing earphones for communicating.

The school drew public attention in February 2010, when the U.S. media cited it as one of the places where cyber-attacks were initiated against U.S. search engine Google Inc.

The school opened in 1984 as a training center for repairing motorcycles and sewing machines. It now has 30,000 students learning subjects such as cooking and auto repair.

According to school officials, the school linked up with the PLA in 1988 and expanded its operations by leasing a former base site.

The school is providing technical training to soldiers free of charge. It has become the nation's only private training school for military technicians.

Li Zixiang, chief of the Communist Party committee at the school, told The Asahi Shimbun that the school has a relationship with the PLA but emphasized that it is not under the military's control.

The PLA, which has been working in earnest on steps to deal with cyber warfare since around 2005, has denied any involvement in cyber-attacks.

It said it is developing cyber capabilities only for defense purposes.

But a program on cyber warfare broadcast on a China Central Television channel in July suggested the military is carrying out certain attacks in cyberspace.

The PLA took part in the production of the program and introduced an attack system developed by the PLA Information and Engineering University.

A computer screen displayed names of organizations related to Falun Gong, a group of qigong practitioners outlawed by Chinese authorities.

With the press of a button, the system can send large numbers of e-mail messages containing computer viruses and disable those sites.

At the end of the program, Col. Du Wenlong of the Academy of Military Sciences said, "China needs to be more actively involved in attacks."

In recent cyber-attacks on the Lower House and other organizations, hackers disguised as other people sent e-mail messages containing viruses from server computers in China.

In April, the Asahi Shimbun reporter received a Japanese-language e-mail containing a virus from a person pretending to be a reader providing information.

The sender attached a file and asked the recipient to look at the photo of a warship taken in Yalong Bay of Sanya on China's Hainan Island.

The e-mail gave Haruka Kimura as the sender. It said the sender had read a story the reporter wrote on Chinese aircraft carriers.

But the Japanese language used was strange.

The reporter checked the sender's information and found that the e-mail was likely sent from Hong Kong's Central District and asked IBM Japan Ltd. to analyze it.

If the reporter had opened the attached file, his computer could have been infected with a virus, which would have allowed hackers to steal information or remote-operate the computer, according to IBM Japan.

According to IBM Japan's security operation center, many organizations, particularly government organizations, began receiving similar e-mail messages at the beginning of this year.

Infrastructure-related companies, such as electric power and gas companies, have been targeted since the March 11 Great East Japan Earthquake.

Titles are designed to entice receivers to open the messages, such as China's military activities near the disputed Senkaku Islands and the effects of radioactivity in the Kanto region.

About 90 percent of these messages originate from China, but a growing number of messages have been sent using free mailing services offered by Google and Microsoft Corp.

It has been impossible to identify who sent the reporter the bogus e-mail, let alone uncover any possible ties to the Chinese military.

The Chinese government had denied any involvement in the cyber-attacks. It portrayed China as a victim, saying that server computers in China incurred nearly 30,000 cyber-attacks in the first half of 2011.

But hackers targeting specific individuals must gather a substantial amount of information, such as e-mail addresses and their personal relationships.

There is a possibility that a military or intelligence organization was involved.

The PLA Daily, the military's newspaper, carried a report on an exercise conducted in April by the PLA's first special cyber-unit.

Dozens of soldiers, divided into blue and red teams, sat before computers and sent e-mail messages containing viruses.

The blue team finally entered the red team's computer network and stole information such as layout plans for military units and route plans.

The special cyber-unit, made up of 30 Internet experts, is based in the Guangzhou Military Region in southern China.

The PLA has also set up a new base for cyber training, spending tens of millions of yuan.

"(Creating the special cyber-unit) is as commonplace as forming the army or the air force," said Teng Jianqun, a senior official at the China Arms Control and Disarmament Association, who was formerly part of the military. "It is strategically significant to respond to next-generation warfare."

An official at the Ministry of National Defense said the special cyber-unit is not a team of hackers, saying it is training to enhance cyber-defense capabilities.

In his theory for the management of information security compiled in 2009, Maj. Gen. Wang Zhengde, president of the PLA Information Engineering University, said the core of national sovereignty is to defend new "national borders" in cyberspace in addition to territorial land, sea and airspace.

Taking charge of the new responsibilities is the No. 4 department of the General Staff Department, which serves as the PLA's brain by gathering information and planning operations.

In July 2010, a new division was created within the No. 4 department for coordinating research and operations scattered in cyber-related divisions. The PLA was aware of the cyber headquarters the U.S. military formed two months earlier.

In October, China conducted its first large-scale information warfare exercise in Bohai Bay, involving the army, the navy, the air force and the Second Artillery Corps, or China's strategic missile forces.

The exercise was designed to nullify the functions of an enemy headquarters with cyber-attacks and by jamming communications using electromagnetic waves.

China has about 500 million Internet users, the world's largest, including many hackers.

On anniversaries related to war with Japan, such as the Manchurian Incident of 1931, the number of cyber-attacks against Japan increases about eight times from normal levels.

The Honker Union of China, said to be China's largest hacker group, called for attacks against Japanese government organizations, such as the prime minister's office, when a Chinese trawler rammed two Japan Coast Guard patrol boats off the Senkaku Islands in September 2010.

A spokesman for the Honker Union denied a direct relationship with the PLA, saying it called for attacks as a private organization and from a patriotic standpoint.

But a 17-year-old boy who was arrested in connection with a cyber-attack was released and employed by the military, according to military sources.

"We can gain the upper hand if we aggressively utilize talented personnel," said Col. Si of the National Defense University.

In that aspect, China's cyber strategy resembles the People's War doctrine of Mao Tse-tung, which was characterized by guerilla warfare staged by ordinary people.

[American Patriot]

Ryan, you realize there are people who will look at you and snort if you say "China is dangerous. China can attack us. China can take down our networks. China can nuke us".

There are probably less than 25% of the US population (if not even a smaller number) who have ANY IDEA about what China is capable of doing.

I think most are right here on this site, a few in the military - but the general population is completely clueless and apathetic about this stuff. And yet, day in and day out one of us (you in particular) comes up with something new and scary about Russia or China.

[Ryan Ruck]

Yep, there are no shortage of puzzle pieces. Just a shortage of people willing to put the puzzle together for one reason or another.

[Phil Fiord]

I for another have been tracing such things from China for years now.

This is from 2002 and was when I lived in Southern California.

[Phil Fiord]

I've no doubt it does. Thanks for the current status. I did that trace back in 2002.

[Ryan Ruck]

U.S. Security Analysts: Chinese-Based Hacks Can Be Traced to 12 Gov’t-Backed Groups

December 12, 2011

As few as 12 different Chinese groups, largely backed or directed by the government there, commit the bulk of the China-based cyberattacks stealing critical data from U.S. companies and government agencies, according to U.S. cybersecurity analysts and experts.

The aggressive but stealthy attacks, which have stolen billions of dollars in intellectual property and data, often carry distinct signatures allowing U.S. officials to link them to certain hacker teams. Analysts say the U.S. often gives the attackers unique names or numbers, and at times can tell where the hackers are and even who they may be.

Sketched out by analysts who have worked with U.S. companies and the government on computer intrusions, the details illuminate recent claims by American intelligence officials about the escalating cyber threat emanating from China. And the widening expanse of targets, coupled with the expensive and sensitive technologies they are losing, is putting increased pressure on the U.S. to take a much harder stand against the communist giant.

It is largely impossible for the U.S. to prosecute hackers in China, since it requires reciprocal agreements between the two countries, and it is always difficult to provide ironclad proof that the hacking came from specific people.

Several analysts described the Chinese attacks, speaking on condition of anonymity because of the sensitivity of the investigations and to protect the privacy of clients. China has routinely rejected allegations of cyberspying and says it also is a target.

“Industry is already feeling that they are at war,” said James Cartwright, a retired Marine general and former vice chairman of the Joint Chiefs of Staff.

A recognized expert on cyber issues, Cartwright has come out strongly in favor of increased U.S. efforts to hold China and other countries accountable for the cyberattacks that come from within their borders.

“Right now we have the worst of worlds,” said Cartwright. “If you want to attack me you can do it all you want, because I can’t do anything about it. It’s risk-free, and you’re willing to take almost any risk to come after me.”

The U.S., he said, “needs to say, if you come after me, I’m going to find you, I’m going to do something about it. It will be proportional, but I’m going to do something … and if you’re hiding in a third country, I‘m going to tell that country you’re there. If they don’t stop you from doing it, I’m going to come and get you.”

Cyber experts say companies are frustrated that the government isn’t doing enough to pressure China to stop the attacks or go after hackers in that country.

Much like during the Cold War with Russia, officials say the U.S. needs to make it clear that there will be repercussions for cyberattacks.

The government “needs to do more to increase the risk,” said Jon Ramsey, head of the counter threat unit at the Atlanta-based Dell SecureWorks, a computer security consulting company. “In the private sector we’re always on defense. We can’t do something about it, but someone has to. There is no deterrent not to attack the U.S.”

Cyberattacks originating in China have been a problem for years, but until a decade or so ago analysts said the probes focused mainly on the U.S. government – a generally acknowledged intelligence gathering activity similar to Americans and Russians spying on each other during the Cold War.

But in the last 10 to 15 years, the attacks have gradually broadened to target defense companies, then other critical industries, including energy and finance.

According to Ramsey and other cyber analysts, hackers in China have different digital fingerprints, often visible through the computer code they use, or the command and control computers that they use to move their malicious software.

U.S. government officials have been reluctant to tie the attacks directly back to the Chinese government, but analysts and officials quietly say they have tracked enough intrusions to specific locations to be confident they are linked to Beijing – either the government or the military. They add that they can sometimes glean who benefited from a particular stolen technology.

One of the analysts said investigations show that the dozen or so Chinese teams appear to get “taskings,” or orders, to go after specific technologies or companies within a particular industry. At times, two or more of the teams appear to get the same shopping list and compete to be the first to get them or to pull off the greatest haul.

Analysts and U.S. officials agree that a majority of the cyberattacks seeking intellectual property or other sensitive or classified data are done by China-based hackers. Many of the cyberattacks stealing credit card or financial information come from Eastern Europe or Russia.

According to experts, the malicious software or high-tech tools used by the Chinese haven’t gotten much more sophisticated in recent years. But the threat is persistent, often burying malware deep in computer networks so it can be used again and again over the course of several months or even years.

The tools include malware that can record keystrokes, steal and decrypt passwords, and copy and compress data so it can be transferred back to the attacker’s computer. The malware can then delete itself or disappear until needed again.

Several specific attacks linked to China include:

- Two sophisticated attacks against Google‘s systems stole some of the Internet giant’s intellectual property and broke into the Gmail accounts of several hundred people, including senior U.S. government officials, military personnel and political activists.

- Last year, computer security firm Mandiant reported that data was stolen from a Fortune 500 manufacturing company during business negotiations when the company was trying to buy a Chinese company.

- Earlier this year, McAfee traced an intrusion to an Internet protocol address in China and said intruders took data from global oil, energy and petrochemical companies.

A Chinese Foreign Ministry spokesman, Liu Weimin, did not respond Monday to the specific allegations about government-supported cyber-attacks but said Internet security is an issue the world needs to address collectively. The international community should “prevent the Internet from becoming a new battlefield,” Liu said at a daily media briefing in Beijing.

For the first time, U.S. intelligence officials called out China and Russia last month, saying they are systematically stealing American high-tech data for their own economic gain. The unusually forceful public report seemed to signal a new, more vocal U.S. government campaign against the cyberattacks.

The next step, said Cartwright, must be a full-throated U.S. policy that makes it clear how the U.S. will deal with cyberattacks, including the attackers as well as the nations the attacks are routed through. Once an attack is detected, he said, the U.S. should first go through the State Department to ask the country to stop the attack. If the country refuses, he said, the U.S. will have the right to stop the computer server from sending the attack by whatever means possible while still avoiding any collateral damage.

[American Patriot]

Talk, talk, talk... when do we release the hackers against them?

[Phil Fiord]

No doubt we have white hats already playing that game, Rick.

[American Patriot]

No doubt. But nothing is happening.

I know what we do. We defend. We protect. We avoid exposure.

We don't take offensive action.