Highlights
– Congressional computers hacked
– Attacks traced to China
– Attacks against other critical infrastructure targets are expected
On Wednesday June 11, 2008, Representative Frank Volf (R-VA) released a statement detailing a series of cyber attacks against his office’s computer systems and more broadly sounding the alarm over dire state of cyber security in the federal government and private sector.
Rep. Wolf first noted that his staff’s computers were targeted in an attack, which was traced back to computers in China. Specifically, Rep. Wolf’s foreign policy and human rights staff members, chief of staff, legislative director, and judiciary staff person were all targeted for attack. The congressman noted, “on these computers was information about all of the casework I have done on behalf of political dissidents and human rights activists around the world.”
China Blamed
Wolf further noted, “In subsequent meetings with House Information Resources and FBI officials, it was revealed that the outside sources responsible for this attack came from within the People’s Republic of China. These cyber attacks permitted the source to probe our computers to evaluate our system’s defenses, and to view and copy information. My suspicion is that I was targeted by Chinese sources because of my long history of speaking out about China’s abysmal human rights record.”
Two other Representatives, Christopher Smith (R-NJ) and Stephen Kirk (R-IL), have also acknowledged that computers in their respective offices have also been targeted by suspected Chinese cyber spies.
Previous Attacks
Although it is difficult to prove that the Chinese government either authorized or sponsored these attacks based on the information made available, it is clear that Chinese hackers represent a threat to United States (US) national security. Previous attacks attributed to Chinese cyber spies include:
• The US Naval War College (Previous Report)
• The US State Department (Previous Report)
• The US Department of Energy (Previous Report)
• The US Commerce Department (Previous Report)
• The US Department of Defense (Previous Report)
Additionally, recent media reports have attributed two recent power outages in the Eastern United States in part to Chinese hacker (Previous Report).
Scope of the Problem
Due to the above rash of reported attacks, China’s interest in developing an advanced cyber warfare capability, as well as the continued discovery of new cyber vulnerabilities in our nation’s critical infrastructure (Previous Report), it is reasonable to conclude that these weaknesses combine to create a glaring vulnerability in our national security. As such, it should be expected that cyber attacks will continue against US government, military, and other critical infrastructure targets.
As Rep. Wolf notes, “computer systems control all critical infrastructures, and nearly all of these systems are linked together through the Internet. This means that nearly all infrastructures in the United States are vulnerable to being attacked, hijacked or destroyed by cyber means. We cannot afford to look the other way when foreign sources are threatening to compromise our government institutions, our economy, our very way of life through cyber espionage. We cannot sit by and watch.”