Who's ahead in cyber espionage war between U.S., China?

The pace of cyber espionage between China and the United States has accelerated in recent years, and China, with a campaign investigators call 'Byzantine Hades,' may have taken the upper hand, according to recent State Department cables and security experts.

That China and the United States are engaged in cyber espionage isn’t exactly a secret, even if the details of the game aren’t usually public. But the pace has picked up in recent years and security experts say China may have taken the upper hand, according to a report by Reuters.

Brian Grow and Mark Hosenball write that China has stolen terabytes of sensitive U.S. data as part of a campaign of attacks that are accelerating. The stolen information includes usernames and passwords for State Department computers and designs for multi-billion dollar weapons systems, the authors write.

Grow and Hosenball cite leaked State Department cables — obtained by Wikileaks and handed over to Reuters — tracing attacks to China and interviews with security experts. U.S. investigators have given a name to China's attacks — “Byzantine Hades.”


Related stories:

U.S. loses ground in global cyber race

DOD's new cyber strategy likely to outline 'active defense'


Among the examples they site are the Aurora attacks on Google, announced in January 2010, in which the systems of anywhere from 100 to 150 companies were breached. China has been widely suspected in the attacks.

Aurora is an example of an advanced persistent threat, an under-the-radar targeted attack that uses social-engineering tricks to gain access to systems. The approach can be used in spear-phishing attacks on high-value targets, who would likely have access to sensitive information. The Reuters report said spear-phishing is China’s most common form of attack.

Of course, saying which country really has the upper hand is difficult, since so much of it is done in secrecy. Grow and Hosenball point out that little is known about what the United States is carrying out in cyberspace, and the same could be said of any country.

As Marc Fossi, executive editor of Symantec’s Internet Security Threat Report, told GCN's William Jackson recently: “The targeted attacks we’ve heard about are only the ones we’ve heard about.”

NEXT STORY: Tracking the cyber underground