Hackers in China infiltrated the U.S. Chamber of Commerce’s computer systems, undetected probably for at least six months, the Wall Street Journal reported December 21. “The break-in at the U.S. Chamber of Commerce is one of the boldest known infiltrations in what has become a regular confrontation between U.S. companies and Chinese hacks,” it wrote.
The attack was shut down in May 2010, but the hackers may have had access to the Chamber’s systems for up to a year before that. Chamber officials investigating the attack say hackers accessed communications between less than 50 of its members, focusing on four Chamber employees that dealt with Asian policy. They are not sure if the hackers used this information to gain access to the computer systems of Chamber members.
“What was unusual about it was that this was clearly somebody very sophisticated, who knew exactly who we are, and who targeted specific people and used sophisticated tools to try to gather intelligence,” said David Chavern, chief operating officer of the Chamber of Commerce.
One of the Journal’s sources said the group behind the hack is suspected by U.S. officials of having ties to the Chinese government. The Chinese government says that hacking is illegal and that the allegation is false.
But an intelligence report to Congress published last month said: “Chinese actors are the world’s most active and persistent perpetrators of economic espionage.”
Chavern is pessimistic that any company can prevent this. “It’s nearly impossible to keep people out. The best thing you can do is have something that tells you when they get in,” he said. “It’s the new normal. I expect this to continue for the foreseeable future. I expect to be surprised again.”
This is just another example of how vulnerable the U.S. is to hacking.
In war, it is not just military targets that get bombed—factories and power stations are hit too. Other nations can cause major problems for the U.S. by targeting civilian institutions. This episode may have helped some Chinese firms get ahead in business, but other scenarios could be deadly. ▪