Tuesday, May 21, 2013

Why China Attacked Google

In a brilliant stroke of counterintelligence, the cyberwarfare arm of the People's Republic of China raped Google's servers and, aside from picking up their most proprietary intellectual property (their search engine core), they targeted and no doubt got their database of which individuals had been targeted for legal surveillance by court order.

First, let us review why this is excellent counterintelligence. Then, why I mention it to you and what it may mean for American policy.

When country A is spying on country B, it can do so with various means and approaches, the most famous of which is often badly represented in films: the clandestine agent or spy. (1) The clandestine agent may be a citizen of the target country, or he/she may be a foreign national masquerading as a citizen. The clandestine agent may be working at a sensitive position in industry or government, or socialize with such people, or recruit and then manage networks of people who pass on confidential information.

Since country B knows that country A is spying on them, they organize their resistance and defense against such spying and call it counterintelligence. But since country A knows that country B is protecting themselves, they have an incentive to hide and protect their sources, and this is also called counterintelligence, although it might more properly be called counter-counterintelligence.

Still with me?

China is spying on the US. The US investigates the spying. China wants to know who the US is investigating so that they can hide their agents, protect them, tell them to do nothing incriminating for a few years, or find some way to mislead the US about their spying.

How does China find out who the US suspects?

In general, when we use surveillance on a person in the USA, we need a court order. This is not trivial to do, but it is done all the time and requires a judge to agree that it would make sense to do surveillance as part of a criminal investigation. Court order in hand, the counterintelligence agency can go to various organizations like the phone company or the internet provider and request information about what the user is doing and ask for records to be kept.

Naturally, the phone company or whatever keeps a record of who they are looking at. What China did was to penetrate Google, find their database of who they had been requested to keep information about, and steal it. In this way they can know a great deal about who we suspect may be a Chinese spy. They can then look at this list and know to a large extent how far we have gotten in our defense against their attacks and make adjustments.

This they have done. It is a fait accompli. All counterintelligence in this country that involves HUMINT and the Chinese is dead as of that date. New investigations may now come into being, but they will probably be compromised as well because China is massively attacking all such targets for this and other information.

This is one datapoint of many that indicates that China is waging an undeclared war against the United States. It is not a hot war in the sense that thousands of people die each year, but it is a war of intelligence among other things and dozens of people die each year. When countries execute massive intelligence campaigns against other countries, it is in preparation for real war, or in anticipation that there may be a real war. And if there is a real war, which there very well may be, then thousands of people will die because of the intelligence gathered by the people who China has now successfully protected.

Again, this is just one datapoint. There are many such datapoints, and if you doubt me, look up the euphemism "advanced persistent threat" and look for yourself.

Since China is executing a campaign of massive espionage against the United States, possibly the largest in history, this helps to explain why we finance them by sending all our manufacturing to China, right? This is why the Republicans defeat any attempt to require American business to protect sensitive information, right? It's the price we have to pay to make a fast buck.

A respectable article from the Council on Foreign Relations:

See this link for a truly wonderful editorial on the implications of all this for private industry. It is one of the great Internet rants, this time of the so-called INFOSEC world.



1. Modern intelligence takes many forms and the number increases with time. The classic clandestine spy is called HUMINT in today's jargon, i.e. human intelligence. Other types include SIGINT (signals intelligence), IMINT (imagery intelligence), MASINT (measurement intelligence), open source intelligence and the emerging field of cyber intelligence. The CIA keeps an excellent archive of declassified intelligence research and it is worth reading for background. https://www.cia.gov/library/index.html
