Hacking as Cyberwarfare: China - Everyone Does It

The security chief of China's telecom giant Huawei reportedly said that using the Internet to spy and hack data is "standard practice" for all countries.  The publication of those comments yesterday indicates that the statement has the approval of state authorities.  Huawei has been the public focus of global concerns about Chinese hacking, with the U.S. Congress and Australia among those calling for bans on doing business with the firm.

The issue of hacking is gaining renewed access as the process has evolved from talented individuals exploring the potential, and weaknesses, in computer and telecommunications systems to a world where hacking is a focused and organized activity of collectives.  And in some cases government supported and directed.

Cybersecurity researcher Mikko Hypponen recently lamented the transition-

in the 1990s hackers hacked for fun, but “those happy days are behind us ... The happy hackers have disappeared.” Today “all hackers have motives for their actions.”

By 1999, the US government (Clinton, not Bush), authorized a CIA campaign of cyberwarfare against Serbia during the Kosovo War.  Since then, major hacking incidents such as Stuxnet and Red October, as well as the most recent incursions traced back to China, have raised the specter of state-supported and directed cyberwarfare.

It's also created a markets for both hacking activities and cyberwarfare defense. Freelance hackers offer distributed denial-of-service (DOS) attacks for as little as $2 an hour.  Anecdotes abound of governments using this market to target activists and journalists - including the recent hacking of the New York Times in response to a story of a retiring Chinese official's corruption.  In response, the Times hired a major cybersecurity firm, Mandiant.

After the Times discovered the intrusion, Mandiant allowed the hackers—who it quickly identified as being affiliated with the Chinese government—to skulk around the newspaper’s networks, tracking and learning from their movements before ejecting them.
“The counterintelligence model is the best one for this,” says Mandiant’s Richard Bejtlich. “In most cases, you are operating against the equivalent of a foreign intelligence agency.” 

Cybersecurity firms are increasingly going on the offensive against hacking attacks by "hacking back" - and actively seeking legal authority for their activities.

In a cover piece for Newsweek/The Daily Beast, Michael Moynihan landed an interview with one of the more notorious of the individual hackers - "th3j35t3r" ("The Jester").  The Jester claims responsibility for briefly knocking WikiLeaks offline and disabling around 200 jihadist websites, and calls himself a "patriotic hacktivist."  While he denies any direct government sponsorship or support, he did indicate that his current activities was "(merely) a continuation of [military] service."

According to security analyst T.J. O’Connor, the Jester has “proved that a single individual is very capable of waging cyberwar at a level we previously attributed only to intelligence agencies or crime syndicates.”

"The Jester" openly acknowledges that he's breaking the same laws that other hackers do, although commenting that the laws can be complex ("murky") in specifics, and he tries to take advantage of whatever loopholes and exemptions available.  But he sees himself as a soldier in an ongoing war;

“Cyberspace is fast becoming a serious battle space, everyone is now taking notice, and I am proud to be on the right side of things (kinda).”

Sources -  All governments hack secret data - Huawei, Rappler
You're Being Hacked, the Daily Beast/Newsweek