In mid-June officials announced that a recent security breach at the U.S. Office of Personnel Management compromised the personal information of approximately 4 million current and former Federal employees. It was also announced that the hackers were believed to be working for the Chinese government, possibly the state-run hacking super unit known as Unit 61398. The question is what does this mean in terms of America’s cyber security, and what is to come?
Many believe cyber warfare will be the wave of the future with battles fought on the internet by hackers rather than soldiers on a battlefield. Regardless of whether you believe keystrokes will replace rifle shots, there is no doubt that cyber attacks will at minimum be a vital aspect of America’s National Security. In order to defend against future attacks, we must determine why the Chinese conducted the recent attacks and what they attempted to gain from such blatant violations of America’s cyber infrastructure. Experts differ in their opinions on this matter, but I think that they are unnecessarily complicating the issue. Instead of looking at it in the same manner as teenage hackers who change grades or con-men who steal credit card information, these attacks need to be analyzed in the same manner as any other attack by a foreign nation.
One scenario involves the current attacks being the latest in a series of attacks designed to position China for a devastating, even fatal, blow to America’s cyber lifeline. If this is the case, then you would expect to have seen similar attacks against less secure, lower-level networks – probing attacks if you will. These smaller attacks would have served several purposes, including testing hackers’ skills and software, determining discovery time and gauging response.
As it is, Unit 61398 has been linked to previous attacks at both government and non-government sites. In March, officials discovered similar attacks involving the Government Printing Office and the Government Accountability Office. The former prints many government documents and forms, including passports, while the latter investigates federal spending and abuse in government programs. Information obtained from either attack could potentially provide the intelligence needed for future attacks, both cyber and conventional, and provide insight into the effectiveness of current programs or offices. In May, the Department of Justice actually charged several senior members of the Chinese military, including the commanding officer of Unit 61398, with hacking numerous American companies including U.S. Steel Corp., Westinghouse, Alcoa, Allegheny Technologies, the United Steel Workers Union and SolarWorld. Some of these companies are current or past holders of defense contracts or partners in government-managed research projects. Again, these attacks could have gained valuable intelligence related to current or upcoming defense projects or even the progress of our alternative energy programs. There is even speculation that Chinese hackers were responsible for a 2013 infiltration of the New York Times.
If you view these attacks in terms of conventional attacks, the earlier intrusions would be similar to gunboats or warplanes harassing Navy units as they pass through nearby waters. The purpose was not to truly attack and defeat the larger forces, but to test the response both locally at the time of the attack and later on the international level. Unfortunately, thus far the U.S. response has been akin to turning the other cheek. Other than the basically useless indictment of military leaders, our leaders have been reluctant to directly confront the Chinese for what is essentially state-sponsored cyber warfare. If we do not address this issue with a firm and unwavering response, then we should expect Unit 61398 to continue repeated attacks against larger and increasingly vital networks.
Disclaimer: The content in this article is the opinion of the writer and does not necessarily reflect the policies or opinions of US Patriot Tactical.