Everyday, every hour, this very minute perhaps, dark forces attempt to penetrate this castle’s walls, but in the end their greatest weapon . . . . is you.
– Albus Dumbledore
News stories of Chinese cyber-attacks against Western corporations, government offices and defense agencies are getting to be as routine as the ones that show Lindsey Lohan returning to rehab.
Last year, Google revealed that a Chinese hacker group, obviously under Communist Party control, had compromised the Internet giant’s servers, gained access to Chinese dissident’s email accounts and stolen the firm’s precious source code. Dubbed, “Operation Aurora” the attack also appears to have hit as many as 200 other major corporations – although virtually none of them have stood up to admit it. The year before, a sophisticated attack called “Ghost RAT” was shown to have infiltrated the Dali Lama’s Tibetan Government in exile along with several US agencies and foreign embassies.
Last week, CCTV, the Chinese government mouth piece let slip a video that showed Chinese cyber soldiers in the process of attacking a computer at the University of Alabama because it hosted a religious website (Falun Gong) that offends their communist sensibilities.
Last month, McAfee, a leading US based computer security software firm, released details of an investigation into an attack they call “Shady RAT.” McAfee engineers were even able to gain control of one of the hacker’s command and control servers and thereby identify the plot’s victims from the servers log files. This list points an unwavering finger at the despots in Beijing as well as offering much fodder for some creative speculation about the damage that it has caused in America.
The McAfee report, written by VP of Threat Research, Dmitri Alperovitch, revealed that at least 72 computer systems in the US, Taiwan, South Korea, Vietnam, India and Canada were attacked over a five year period from 2006 through 2010. The targets include the usual high-tech companies, government agencies (Federal, State, and County), Asian democracy advocates, and defense contractors. However, this attack also infiltrated the systems of the United Nations, the ASEAN (Association of Southeast Asian Nations) Secretariat, several national Olympic committees, the World Anti-Doping Agency, and the International Olympic Committee (IOC).
As usual, the Chinese government denies everything, but it doesn’t take Sherlock Holmes to figure out who spies on Taiwan, sabotages Democracy advocates, and cheats in the Olympics. If you don’t believe that the Chinese government was complicit here, then you probably also believe that the girls on their gymnastics team are really of age.
The cyber-assaults on China’s Olympic competitors were, of course, done before the 2008 Beijing games. While McAfee has politely anonymized the firms and agencies in their report other interesting conspiracies are suggested by matching the descriptions of the targets and the timing of the attacks to major news events.
My eye immediately caught one very tantalizing possibility. The logs show that a “U.S. Solar Power Energy Company” was compromised in September of 2009. Just two months later, on November 5, 2009, Evergreen Solar shocked the state of Massachusetts when it quite surprisingly announced the complete closure of its solar module production plant in Devans, MA. Incredulously, a brand new, $58 million facility, championed and supported by the state was to be mothballed and all production moved to Wuhan, China. 800 American workers lost their jobs. Since a manufacturing job typically supports four or more other jobs in the service and government sectors as many as 3,000 downstream families were probably devastated by Evergreen’s sudden relocation.
You’ve really gotta wonder just what on Earth provoked this abrupt decision. Sure, Evergreen’s CEO was eager to blame America when his firm rushed to embrace China’s huge subsidies, currency manipulation scheme, pollution-friendly environment and jackbooted control of labor; but what sort of reckless manager opens a factory and then closes it a year later? Had China’s Red Hacker Brigade simply discovered the perfect buyoff to lure Evergreen to Wuhan or did they uncover some scandalous corporate or personal data with which to black mail the firm? This is all pure speculation, but in keeping with the Chinese Communist Party’s people-be-damned approach to business and society.
Regardless of what happened with whichever unidentified “U.S. Solar Power Energy Company,” the fact remains that industrial espionage has material consequences and Alperovitch makes this chillingly clear when he writes:
What is happening to all this data — by now reaching petabytes as a whole — is still largely an open question. However, if even a fraction of it is used to build better competing products or beat a competitor at a key negotiation (due to having stolen the other team’s playbook), the loss represents a massive economic threat not just to individual companies and industries but to entire countries that face the prospect of decreased economic growth in a suddenly more competitive landscape and the loss of jobs in industries that lose out to unscrupulous competitors in another part of the world, not to mention the national security impact of the loss of sensitive intelligence or defense information.
Let there be no mistake, despite the lack of actual missiles and bombs we are at war with China – or more correctly China is at war with America – and the control freaks in Beijing are winning. This is not some massively multiplayer video game. This is an outright assault on the Western world and the US in particular with very real and incredibly devastating results for actual American families and the values we cherish. The question is simply, are we going to do anything about it?
Greg Autry is the co-author of Death by China. He teaches Macro Economics at the Merage School of Business, UC Irvine. He writes and speaks on China, space, economics, investing, and business strategy.