China is probably hacking and spying on US, report finds

Looking to gain the upper hand in any future cyber conflicts, China is probably spying on US companies and government, according to a report commissioned by a Congressional advisory panel monitoring the security implications of trade with China.

The report outlines the state of China's hacking and cyber warfare capabilities, concluding that "China is likely using its maturing computer network exploitation capability to support intelligence collection against the US government and industry by conducting a long term, sophisticated computer network exploitation campaign." In other words, evidence suggests the Chinese government is using hacking techniques to steal US government and industry secrets.

Published Thursday, the report was written by Northrop Grumman analysts commissioned by the US-China Economic and Security Review Commission.

Government agencies and military contractors have been hit with targeted, well-crafted attacks for years now, many of which appear to have originated in China. But this report describes in detail how many of these attacks play out, including an attack that exploited an unpatched flaw in Adobe Acrobat that was patched earlier this year.

Citing US Air Force data from 2007, the report says at least 10 to 20 terabytes of sensitive data has been siphoned from US government networks as part of a "long term, persistent campaign to collect sensitive but unclassified information".

Some of this information is used to create very targeted and credible phishing messages that then lead to the compromise of even more computers.

Northrop Grumman based its assessment largely on publicly available documents, but also on information collected by the company's information security consulting business.

The report describes sophisticated, methodical techniques, and speculates on possible connections between Chinese government agencies and the country's hacker community, increasingly a source of previously unknown "zero-day" computer attacks.

"Little evidence exists in open sources to establish firm ties between the [People's Liberation Army] and China's hacker community, however, research did uncover limited cases of apparent collaboration between more elite individual hackers and the [People's Republic of China's] civilian security services," the report says.