The Chinese military hacked into a Pentagon computer network in June in the most successful cyber attack on the US defence department, say American officials.
The Pentagon acknowledged shutting down part of a computer system serving the office of Robert Gates, defence secretary, but declined to say who it believed was behind the attack.
Comment: China flexes its limited muscles – Sep-04
Editorial Comment: China’s cyber-spies – Sep-03
Beware: enemy attacks in cyberspace – Sep-03
Beijing pledges crackdown on hackers – Aug-27
Current and former officials have told the Financial Times an internal investigation has revealed that the incursion came from the People’s Liberation Army.
One senior US official said the Pentagon had pinpointed the exact origins of the attack. Another person familiar with the event said there was a “very high level of confidence…trending towards total certainty” that the PLA was responsible. The defence ministry in Beijing declined to comment on Monday.
Angela Merkel, Germany’s chancellor, raised reports of Chinese infiltration of German government computers with Wen Jiabao, China’s premier, in a visit to Beijing, after which the Chinese foreign ministry said the government opposed and forbade “any criminal acts undermining computer systems, including hacking”.
“We have explicit laws and regulations in this regard,” said Jiang Yu, from the ministry. “Hacking is a global issue and China is frequently a victim.”
George W. Bush, US president, is due to meet Hu Jintao, China’s president, on Thursday in Australia prior to the Apec summit.
The PLA regularly probes US military networks – and the Pentagon is widely assumed to scan Chinese networks – but US officials said the penetration in June raised concerns to a new level because of fears that China had shown it could disrupt systems at critical times.
“The PLA has demonstrated the ability to conduct attacks that disable our system…and the ability in a conflict situation to re-enter and disrupt on a very large scale,” said a former official, who said the PLA had penetrated the networks of US defence companies and think-tanks.
Hackers from numerous locations in China spent several months probing the Pentagon system before overcoming its defences, according to people familiar with the matter.
The Pentagon took down the network for more than a week while the attacks continued, and is to conduct a comprehensive diagnosis. “These are multiple wake-up calls stirring us to levels of more aggressive vigilance,” said Richard Lawless, the Pentagon’s top Asia official at the time of the attacks.
The Pentagon is still investigating how much data was downloaded, but one person with knowledge of the attack said most of the information was probably “unclassified”. He said the event had forced officials to reconsider the kind of information they send over unsecured e-mail systems.
John Hamre, a Clinton-era deputy defence secretary involved with cyber security, said that while he had no knowledge of the June attack, criminal groups sometimes masked cyber attacks to make it appear they came from government computers in a particular country.
The National Security Council said the White House had created a team of experts to consider whether the administration needed to restrict the use of BlackBerries because of concerns about cyber espionage.
Additional reporting by Richard McGregor in Beijing
To contact the reporter email firstname.lastname@example.org