Posts Tagged ‘National Security Agency’

Are StingRay cellphone surveillance systems used by Canadian police?

November 12, 2015

The Vancouver Police Department is refusing to say whether it is using a controversial cellphone surveillance system called a StingRay that mimics cell phone towers to intercept calls and data.

StingRay is the common name for cell-site simulators that trick nearby mobile devices into connecting, revealing the phone’s location and data transmissions, including texts, emails and even voice conversations.

The devices have caused a furore in the U.S. where they are increasingly used by police, with towers sometimes disguised as pine or palm trees.

In Vancouver concerns have now been raised about the devices by the Pivot Legal Society, which filed Freedom of Information (FOI) requests to find out whether Vancouver police have bought one for use.

The answer they got, left them with more questions, according to Doug King, a lawyer with Pivot who specializes in police accountability.

“It’s the first time I’ve ever seen a police department say we are not even willing to acknowledge the existence of those records. It’s a step in secrecy that we’ve never seen before. It’s deeply concerning,” said King on Thursday morning.

CBC request denied

The Vancouver Police Department refused the CBC’s request for an interview or to provide any information about the use of any such devices.

“We never provide information that may harm the effectiveness of investigative techniques and procedures currently used, or likely to be used, in law enforcement and would not be able to facilitate an interview,” said Const. Brian Montague in an email to CBC today.

King says Pivot is concerned about the use of the devices, which are capable of blanket surveillance, without public accountability.

“You may find your data, your personal information being processed by police,” he said. “We saw a progression in the United States where police departments were starting to use this device.”

Pivot has appealed their FOI requests to the Privacy Commissioner’s office to see it they can get more information.

King pointed out that a warrant from a court is traditionally needed to breach a person’s privacy in Canada, and if that is not happening, legal reforms are needed.

“It is really concerning for us and I think it is part of a national conversation that needs to take place about the level of control that we allow our government over our personal information and our data.”

Under a new policy announced Sept. 3, U.S. federal law enforcement officials will be routinely required to get a search warrant before using the secretive cellphone-tracking technology.


Egypt crash shows mass surveillance can be crucial: analysts

November 7, 2015


Tourists arrive at the airport in Egypt’s Red Sea resort of Sharm El-Sheikh on November 6, 2015. AFP / by Michel Moutot |

PARIS (AFP) – Intelligence that first suggested an attack may have brought down a Russian passenger jet over Egypt last week largely justifies the mass surveillance carried out by US and British spies, experts said.While accumulating massive amounts of intercepted telephone and electronic communications and satellite imagery can hardly ever prevent an attack, it can help to shed light afterwards on what happened, they said.

The Times and the Daily Telegraph reported Friday that the US National Security Agency (NSA) and Britain’s GCHQ had intercepted telephone calls recorded before the catastrophe.

They concluded from the intercepts that it was possible that an attack by the Egyptian branch of the Islamic State group, known as Sinai Province, had brought down the plane after it took off from Sharm el-Sheikh.

On Friday, a source close to the investigation said the black boxes recovered from the Saint Petersburg-bound jet point to a bomb attack, apparently confirming suspicions expressed by US President Barack Obama and British Prime Minister David Cameron.

“What the NSA is doing is effectively trawler fishing, trawling all the information,” a former head of the French intelligence services told AFP, speaking on condition of anonymity.

The technique is known as “bulk collection”.

“They take everything they can. The ideal thing is to be able to connect all that up and to put it together with other types of information to be able to prevent anything happening.

“(But) experience shows that preventing this kind of thing is very difficult, even impossible.”

“In saying (he suspected a bomb), Obama simply read out the note that the intelligence services had prepared for him,” he continued.

“They will say: ‘We got this or that, we compared it with this or that and everything leads us to believe that’… After that it is up to the politicians.”

– ‘Hide their traces’ –

Satellite images recording a flash when a plane crashes or explodes — like that reportedly picked up by the US military at the time of the Egypt crash — can also be crucial to an investigation, a former French foreign intelligence agency official said.

The picture can be fed into a super-computer used to compare thousands of pieces of information.

“It may not have been evident at the time, but after the event, information is collated and it makes sense,” he said.

However, the intelligence services’ claims should be approached with caution, according to Shashank Joshi, senior research fellow at the London-based Royal United Services Institute.

“In the last few years, since the Edward Snowden revelations, we have seen some pretty big claims from intelligence agencies like GCHQ and NSA,” he added referring to the former US intelligence whistle-blower.

Such claims, he said, included “all the things they have foiled and all the things they wouldn’t be able to do if they didn’t have ‘bulk powers’ or they didn’t have the ability to break encryption,” Joshi told AFP.

“In practice, a lot of those claims have turned out to be a lot more feeble when examined in more detail.

“That’s why I think we have to be very sceptical about assuming that dragnet analysis has been key to these things.”

It is possible, Joshi said, that in the aftermath of the plane incident “GCHQ devoted particular resources to hoovering up communications from a localised area, perhaps from known Sinai Province sites in Egypt”.

“That wouldn’t necessarily have to have been a dragnet approach,” he said.

The initial information that the Russian jet in which 224 people were killed was downed by an attack could also have come from an agent on the ground in the Sinai Peninsula.

But the security services would never admit that and so “hid their tracks” by claiming it stemmed from intercepted calls, Joshi said.

In October 2010, a Saudi agent who had infiltrated Al-Qaeda in the Arabian Peninsula helped to foil an attack aimed at bringing down two cargo planes flying from Yemen to Chicago, using bombs hidden in printer cartridges.

The agent supplied the numbers of the packages in which the bombs were packed, allowing them to be intercepted before they could do any damage. No intelligence service had got a sniff of the plot until then.

by Michel Moutot

Obama said Not A “Smidgen” of Corruption at IRS — So why did they buy cell phone spying devices known as Stingrays — invasive surveillance technology

October 26, 2015

IRS ‘If the IRS is using it, it shows just how far these devices have spread,’ says ACLU


Stingrays, which mimic cell phone towers and send out signals to trick cell phones in the area into transmitting their locations and data, require only a low-level court order called a PEN register to grant permission for their use. (Photo: Electronic Frontier Foundation/flickr/cc)

For reasons that remain unclear, the Internal Revenue Service (IRS) has been in possession of the controversial cell phone spying devices known as Stingrays, the Guardian exclusively reported on Monday.

Invoices obtained following a request under the Freedom of Information Act show purchases made in 2009 and 2012 by the federal tax agency with Harris Corporation, one of a number of companies that manufacture the devices.

The ACLU, which has called for stricter oversight of the technology, describes Stingrays—also known as “cell site simulators” or “IMSI catchers”—as “invasive cell phone surveillance devices that mimic cell phone towers and send out signals to trick cell phones in the area into transmitting their locations and identifying information. When used to track a suspect’s cell phone, they also gather information about the phones of countless bystanders who happen to be nearby.”

Stingrays require only a low-level court order called a PEN register to grant permission for their use.

“Immense secrecy has so far surrounded these devices, but a picture is slowly emerging which shows widespread use,” write Guardian reporters Nicky Woolf and William Green. “Various revelations by the American Civil Liberties Union and news outlets including the Guardian had shown that at least 12 federal agencies are already known to have these devices, including the National Security Agency and the Federal Bureau of Investigation. The IRS makes 13.”

The devices are also used by local and in some cases state police departments, across at least 20 states, the Guardian adds. The ACLU provides a map here.

Just last week, Homeland Security Assistant Secretary Seth M. Stodder explained to a U.S. House subcommittee that the Secret Service, too, can employ Stingrays without a warrant if there’s believed to be a nonspecific threat to the president or another protected person.

Common Dreams needs you today!

While no one from the agency responded to a request for comment, a former IRS employee suggested to the Guardian that such widespread adoption across law enforcement agencies may in fact explain why the IRS would find itself utilizing such technology:

[Mark Matthews, a former deputy commissioner for services and enforcement at the agency who now works for the law firm Caplin and Drysdale] said the IRS on its own usually uses gentler investigation tactics. But increasingly, investigating agents from the agency are brought on board for joint operations with the FBI and other agencies when the latter need financial expertise to look at, for example, money laundering from drug organizations.

From these joint operations, he said, “the IRS had moved to drug work and had learned a lot of aggressive techniques in the money laundering and drug world, and these bad habits were leaking over into the tax world, which was supposed to be their real mission.”

Nate Wessler, a staff attorney with the speech, privacy, and technology project at the ACLU, told the Guardian: “The info showing that they are using Stingrays is generally consistent with the kinds of investigative tactics that they are engaging in, and it shows the wide proliferation of this very invasive surveillance technology.”

“It’s used by dozens, perhaps hundreds, of local law enforcement, used by the usual suspects at the federal level,” Wessler added, “and if the IRS is using it, it shows just how far these devices have spread.”

Read The Guardian’s Report:


China still trying to hack U.S. firms despite Xi’s vow to refrain, analysts say — Passed Obama’s “Red Line”?

October 19, 2015

October 19 at 12:01 AM
The Washington Post

Chinese government hackers have attempted in the past few weeks to penetrate the networks of U.S. companies to steal their secrets despite a pledge by China’s president that they would not do so, according to private researchers.

Chinese hackers have targeted at least seven U.S. companies since President Xi Jinping vowed last month in Washington that his country would not conduct cyber-economic espionage — the theft of trade secrets and intellectual property for the benefit of the nation’s industries, according to CrowdStrike, a firm that helps companies track and prevent intrusions.

In the three weeks since Xi left Washington — including the day after he left, on Sept. 26 — hackers linked to the Chinese government have attempted to gain access to tech and pharmaceutical companies’ networks, said Dmitri Alperovitch, CrowdStrike co-founder and chief technology officer, who released a report on the issue Monday.

The efforts continue to the present, sometimes several times a day, and appear to be distinct from traditional intelligence gathering, which is not covered by Xi’s pledge, Alperovitch noted.

[In a first, Chinese hackers are arrested at the behest of the U.S.]

The U.S. intelligence community is also seeing continued signs of cyber-economic espionage by Chinese hackers, according to a U.S. official, who spoke on the condition of anonymity because of the matter’s sensitivity. But what it means at this point is not clear.

One senior military cyber­defense official said recently that any cessation of Chinese economic espionage activity will play out over time. “I think it’s too early for any of us to see any of those changes,” said the U.S. Cyber Command’s deputy commander, Lt. Gen. James K. McLaughlin, speaking at the Center for Strategic and International Studies on Oct. 9.

Nonetheless, the fresh efforts by Chinese hackers, if they prove to be part of a renewed campaign of commercial espionage in cyberspace, will put pressure on the Obama administration to hold China accountable.

While in Washington for a state visit, Xi met with President Obama and promised that China would not “conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information for commercial advantage.”

Obama said Beijing must now follow through. “The question now is,” Obama said, “are words followed by actions?”

[Timeline: Intrusions detected by CrowdStrike]

A senior administration official said the White House is aware of CrowdStrike’s report. “We’ll decline comment on its specific conclusions,” said the official, who spoke on the condition of anonymity because of the issue’s sensitivity. “As we move forward, we will monitor China’s cyber activities closely and press China to abide by all of its commitments.”

The Washington Post reported in late August that the administration was preparing to impose — possibly even before Xi’s visit — economic sanctions on Chinese companies that benefited from government-sponsored hacking. But a promise by the Chinese government to refrain from such activity and its arrests of several hackers, among other gestures, helped persuade the administration to hold off on imposing sanctions.

But if the Chinese continue their behavior, the administration will act, officials said.

Standing next to Xi in the Rose Garden last month, Obama stressed that he had created a sanctions program earlier this year to be used when the administration has proof that the hackers have “gone after U.S. companies or U.S. persons.” He said he had told Xi “that we will apply [sanctions] and whatever other tools we have in our tool kit to go after cybercriminals, either retrospectively or prospectively.”

Many officials have been skeptical — some openly — that China would uphold its end of the agreement. One question: How much time should the administration give China to make changes in its behavior?

Some analysts noted that it could take time for China’s vast apparatus of cyberspies to be dismantled or refocused.

Another threat-detection company, FireEye, also has observed activity from likely Chinese government hacker groups since Sept. 25. “But it is premature to conclude that activity during this short timeframe constitutes economic espionage,” the firm’s intelligence director Laura Galante said in an e-mail. “Assessing the complexity of changes in state-sanctioned economic espionage requires far more sufficient time, data and viewpoints,” she said.

Alperovitch said he thinks enough time has passed. “The Chinese need to be held accountable for their continued attempts to steal IP and trade secrets through cyber-intrusions into commercial companies” he said. “The U.S government needs to make it clear that we will still use those sanctions unless these actions cease.”

CrowdStrike is not identifying the companies that were targeted, Alperovitch said. He said that CrowdStrike’s intrusion-detection platform prevented the hackers from gaining actual entry into their targets’ networks and no data was taken.

But, he said, the detection platform revealed tools and techniques, including servers in other countries, that are used by a variety of Chinese government hacking groups, including one that CrowdStrike has dubbed Deep Panda. For years, these groups have been targeting industries of strategic importance to China, including agriculture, chemical, financial, health care, and insurance sectors.
Ellen Nakashima is a national security reporter for The Washington Post. She focuses on issues relating to intelligence, technology and civil liberties.


Part of the building of 'Unit 61398', a secretive Chinese military unit, is seen in the outskirts of Shanghai February 19, 2013. The unit is believed to be behind a series of hacking attacks, a U.S. computer security company said, prompting a strong denial by China and accusations that it was in fact the victim of U.S. hacking. REUTERS/Carlos Barria (CHINA - Tags: POLITICS SCIENCE TECHNOLOGY MILITARY) - RTR3DZ82

Part of the building of ‘Unit 61398′, a secretive Chinese military unit, is seen in the outskirts of Shanghai February 19, 2013. The unit is believed to be behind a series of hacking attacks, a U.S. computer security company said, prompting a strong denial by China and accusations that it was in fact the victim of U.S. hacking. REUTERS/Carlos Barria

Looking for Evidence of a Successful Xi, Obama State Visit; But No Let Up in Cyber Attacks From China

October 19, 2015

The Associated Press

WASHINGTON — Chinese hacking attempts on American corporate intellectual property have occurred with regularity over the past three weeks, suggesting that China almost immediately began violating its newly minted cyberagreement with the United States, according to a newly published analysis by a cybersecurity company with close ties to the U.S. government.

The Irvine, California-based company, CrowdStrike, says it documented seven Chinese cyberattacks against U.S. technology and pharmaceuticals companies “where the primary benefit of the intrusions seems clearly aligned to facilitate theft of intellectual property and trade secrets, rather than to conduct traditional national security-related intelligence collection.”

“We’ve seen no change in behavior,” said Dmitri Alperovich, a founder of CrowdStrike who wrote one of the first public accounts of commercial cyberespionage linked to China in 2011.

One attack came on Sept. 26, CrowdStrike says, the day after President Barack Obama and Chinese President Xi Jinping announced their deal in the White House Rose Garden. CrowdStrike, which employs former FBI and National Security Agency cyberexperts, did not name the corporate victims, citing client confidentiality. And the company says it detected and thwarted the attacks before any corporate secrets were stolen.

A senior Obama administration official, speaking on condition of anonymity because he was not allowed to discuss the matter publicly, said officials are aware of the report but would not comment on its conclusions. The official did not dispute them, however.

The U.S. will continue to directly raise concerns regarding cybersecurity with the Chinese, monitor the country’s cyberactivities closely and press China to abide by all of its commitments, the official added.

The U.S.-China agreement forged last month does not prohibit cyberspying for national security purposes, but it bans economic espionage designed to steal trade secrets for the benefit of competitors. That is something the U.S. says it doesn’t do, but Western intelligence agencies have documented such attacks by China on a massive scale for years.

China denies engaging in such behavior, but threats of U.S. sanctions led Chinese officials to conduct a flurry of last-minute negotiations which led to the deal.

CrowdStrike on Monday released a timeline of recent intrusions linked to China that it says it documented against “commercial entities that fit squarely within the hacking prohibitions covered under the cyberagreement.”

The intrusion attempts are continuing, the company says, “with many of the China-affiliated actors persistently attempting to regain access to victim networks even in the face of repeated failures.”

CrowdStrike did not explain in detail how it attributes the intrusions to China, an omission that is likely to draw criticism, given the ability of hackers to disguise their origins. But the company has a long track record of gathering intelligence on Chinese hacking groups, and U.S. intelligence officials have often pointed to the company’s work.

“We assess with a high degree of confidence that these intrusions were undertaken by a variety of different Chinese actors, including Deep Panda, which CrowdStrike has tracked for many years breaking into national security targets of strategic importance to China,” Alperovich wrote in a blog posting that laid out his findings.

The hacking group known as Deep Panda, which has been linked to the Chinese military, is believed by many researchers to have carried out the attack on insurer Anthem Health earlier this year.

CrowdStrike and other companies have tracked Deep Panda back to China based on the malware and techniques it uses, its working hours and other intelligence.

In 2013, another cybersecurity company, Mandiant, published a report exposing what it said was a hacking unit linked to China’s People’s Liberation Army, including identifying the building housing the unit in Beijing. Those findings were later validated by American intelligence officials.

– See more at:


Part of the building of 'Unit 61398', a secretive Chinese military unit, is seen in the outskirts of Shanghai February 19, 2013. The unit is believed to be behind a series of hacking attacks, a U.S. computer security company said, prompting a strong denial by China and accusations that it was in fact the victim of U.S. hacking. REUTERS/Carlos Barria (CHINA - Tags: POLITICS SCIENCE TECHNOLOGY MILITARY) - RTR3DZ82

Part of the building of ‘Unit 61398′, a secretive Chinese military unit, is seen in the outskirts of Shanghai February 19, 2013. The unit is believed to be behind a series of hacking attacks, a U.S. computer security company said, prompting a strong denial by China and accusations that it was in fact the victim of U.S. hacking. REUTERS/Carlos Barria

Hillary Clinton’s E-Mail: Despite President Obama and Bernie Sanders Saying It’s All No Big Deal — There are 32 separate lawsuits related to public-records requests for the disputed emails from Clinton

October 15, 2015

By A. J. Mother Jones.Com

Sen. Bernie Sanders delivered one of the most enthusiastic applause lines of the first Democratic presidential debate when he came to Hillary Clinton’s defense over her use of a private email server during her time as secretary of state. After CNN’s Anderson Cooper asked Clinton about her upcoming testimony in front of Congress related to her emails, she offered the same answer she has repeatedly given in response.

“I’ve taken responsibility for it,” she said. “I did say it was a mistake.” She then employed her recent campaign strategy of linking the criticism of her email setup to the heavily politicized House Select Committee on Benghazi, which she described as “basically an arm of the Republican National Committee.”

But before everybody moved on, Sanders weighed in. “I think the secretary is right,” he said. “And that is, I think the American people are sick and tired of hearing about your damn emails.” Clinton smiled and thanked him, and the crowd roared its approval.

But some Americans are not sick and tired of her damn emails, and they want to hear more. The Republican members of the Benghazi committee and FBI investigators, who are currently looking into how classified material ended up on the server, are well-known examples. But tSee the rest:

and some top staffers during her time as secretary of state.

These requesters range from media outlets to Republican activists. Many of the suits are focused on specific foreign policy issues that she was likely to have addressed while secretary of state. Just last week, a federal judge denied a State Department request to assign a judge to coordinate all the cases. The State Department argued that because the cases are at various stages in front of 17 different judges, the situation was rife with “confusion, inefficiencies, and advantages given to some requesters at the expense of others.”

In denying the State Department’s request, the judge said there was already informal coordination to try to limit conflicting orders and search requirements, and also expressed doubt that the records would continue to be produced on schedule if a coordinating judge were to be assigned.

So, for now, the State Department and other government agencies will continue to manage each case individually. Below is a table of the 32 lawsuits. Several of them were brought by journalists or media organizations: The Associated Press has one, and Jason Leopold, a Vice News reporter who’s been instrumental in getting the emails released to the public, has two. Gawker Media’s suit is on the list, along with one brought by Shane Bauer, a Mother Jones reporter, who is suing the CIA, the FBI, and the State Department for records related to each agency’s handling of his imprisonment in Iran.

Another suit seeks the release of materials related to “Presidential Study Directive 11,” which some conservatives have argued revealed President Barack Obama’s plans to aid Islamist takeovers of governments across the Middle East. Another asks for records related to a Cambodian NGO that assisted girls and women who have escaped or been rescued from sex traffickers.

More than half of the cases in the State Department’s filing were brought by conservative groups. Judicial Watch, a conservative watchdog group, was responsible for 16 of the cases, seeking emails that contain references to the dealings of the Clinton Foundation and potential conflicts of interest, among other things. Veterans for a Strong America has one, and another is filed by Freedom Watch against the National Security Agency. Freedom Watch was founded by conservative activist Larry Klayman, who’s described by the Southern Poverty Law Center as “a pathologically litigious attorney and professional gadfly notorious for suing everyone from Iran’s Supreme Leader to his own mother.”

See the full list, along with case numbers, below:

See the rest:



Clinton’s email woes deepen as classified messages pile up

The number of emails now marked classified doubled with the latest release.

President Obama dismissed concern for Hillary Clinton’s email during his “60  Minutes” interview that aired on CBS on October 11, 2015:

NYT: Cyberthreat Posed by China, Russia and Iran Confounds White House

September 15, 2015


President Barack Obama will raise concerns about cyber security with Chinese President Xi Jinping when they meet in Washington later this month amid rising U.S. worries about Chinese hacking of American government and commercial targets, the White House said on Monday.

White House spokesman Josh Earnest said he did not have any updates on the timing of potential sanctions against China related to cyber attacks. U.S. officials held meetings last week with Meng Jianzhu, secretary of the Central Political and Legal Affairs Commission of the Chinese Communist Party, to discuss cyber concerns.

Read More: China is ‘Leading Suspect’ in OPM Hacks, Says Intelligence Chief James Clapper

“I think we’ve been pretty blunt in describing the concerns that we have withChina’s behavior in cyberspace. We have been blunt in our assessment that has significant consequences for our economy and for our national security,” said Earnest, speaking aboard Air Force One as Obama was flying to Iowa.

The official’s visit, ahead of Xi’s trip, showed the Chinese government understood the United States was serious about its concerns, Earnest said.

The Obama administration is considering targeted sanctions against Chinese individuals and companies for cyber attacks against U.S. commercial targets, several U.S. officials have said. Chinese hackers have also been implicated in the massive hacking of the U.S. government’s personnel office disclosed this year.

Read More: China Read Emails of Top U.S. Officials


President Obama speaks to US military members

President Obama speaking to military people at Fort Meade on Friday, September 11, 2015. AFP photo

Cyberthreat Posed by China and Iran Confounds White House

The New York Times

WASHINGTON — A question from a member of the Pentagon’s new cyberwarfare unit the other day prompted President Obama to voice his frustration about America’s seeming inability to deter a growing wave of computer attacks, and to vow to confront the increasingly aggressive adversaries who are perpetrating them.

“Offense is moving a lot faster than defense,” Mr. Obama told troops on Friday at Fort Meade, Md., home of the National Security Agency and the United States Cyber Command. “The Russians are good. The Chinese are good. The Iranians are good.” The problem, he said, was that despite improvements in tracking down the sources of attacks, “we can’t necessarily trace it directly to that state,” making it hard to strike back.

Then he issued a warning: “There comes a point at which we consider this a core national security threat.” If China and other nations cannot figure out the boundaries of what is acceptable, “we can choose to make this an area of competition, which I guarantee you we’ll win if we have to.”

Read the rest:


China tells U.S. to stop ‘groundless’ hacking accusations

September 11, 2015



China reacted angrily on Friday following a call by America’s top intelligence official for cyber security against China to be stepped up, and said the United States should stop “groundless accusations”.

Director of National Intelligence James Clapper said the United States must beef up cyber security against Chinese hackers targeting a range of U.S. interests to raise the cost to China of engaging in such activities.

Clapper’s testimony adds pressure on Beijing over its conduct in cyberspace weeks before President Xi Jinping visits the United States.

China routinely denies any involvement in hacking and says it is also a victim.

“Maintaining cyber security should be a point of cooperation rather than a source of friction between both China and the United States,” Chinese Foreign Ministry spokesman Hong Lei told a daily news briefing.

“We hope that the U.S. stops its groundless attacks against China, start dialogue based on a foundation of mutual respect, and jointly build a cyberspace that is peaceful, secure, open and cooperative.”

The Obama administration is considering targeted sanctions against Chinese individuals and companies for cyber attacks against U.S. commercial targets, several U.S. officials have said.

Chinese hackers wee also implicated in extensive hacking of the U.S. government’s personnel office disclosed this year.

 President Xi Jinping pictured with Barack Obama in the Great Hall of the People in Beijing last November. Photo: AP

China’s top diplomat took a softer line in an interview published on Friday in the state-run China Daily, saying China and the United States can cooperate and work with other countries on global cyber security rules in a spirit of respect.

“China and the United States actually can make cyber security a point of cooperation,” State Councilor Yang Jiechi said in the interview, which focused on Xi’s state visit to America.

“We hope China, the United States and other countries could work together to work out the rules for cyber security in the international arena in the spirit of mutual respect, equality and mutual benefit,” said Yang, who outranks the foreign minister.

Yang noted, as Chinese officials regularly do, that China was itself a hacking victim and said suspected cases should be investigated and handled “on a solid, factual basis”.

His comments were not a direct reaction to Clapper’s.

On another point of friction between the United States and China – territorial disputes in the South China Sea – Yang said he hoped the United States would stay on the sidelines because it was not part of the disputes.

He added, though: “It is important for both countries to stay in close touch even if they have different perceptions and views.”

(Reporting by Sui-Lee Wee; Additional reporting by John Ruwitch in Shanghai; Writing byBen Blanchard; Editing by Robert Birsel)


U.S. must tighten cyber security to counter Chinese

September 10, 2015



The United States must beef up cyber security against Chinese hackers targeting a broad range of U.S. interests to raise the cost to China of engaging in such activities, America’s top intelligence official said on Thursday.

The testimony by Director of National Intelligence James Clapper before a congressional committee added to pressure on Beijing over its conduct in cyberspace just weeks before Chinese President Xi Jinping makes a state visit to Washington.

Presenting a dire assessment of global cyber risks, Clapper said China and Russia posed the most advanced cyber threats but that Iran and North Korea could also cause serious disruptions despite having less sophisticated technology.

“Chinese cyber espionage continues to target a broad spectrum of U.S. interests, ranging from national security information to sensitive economic data and U.S. intellectual property,” he told the House of Representatives intelligence committee.

Director of National Intelligence James Clapper (R) testifies, at a House (Select) Intelligence Committee hearing on “World Wide Cyber Threats” on Capitol Hill in Washington September 10, 2015. REUTERS/Gary Cameron

The Obama administration is considering targeted sanctions against Chinese individuals and companies for cyber attacks against U.S. commercial targets, several U.S. officials have said.

Chinese hackers have also been implicated in the massive hacking of the U.S. government’s personnel office disclosed this year. Two breaches of security clearance applications exposed the personal data of more than 20 million federal employees.

Clapper did not explicitly blame China for hacking the Office of Personnel Management, but he said the breach could compromise the cover of U.S. spies abroad, though he said there had not yet been any signs of “nefarious” use of the data.

“It’s a significant counter-intelligence threat,” FBI director James Comey testified at the same hearing.

China has denied any involvement in hacking U.S. government and corporate databases and insists that it too has been a victim of cyber attacks.

After the OPM hack, there have been increasing calls on Capitol Hill and on the Republican presidential campaign trail for President Barack Obama to take a tougher line against China on cyber issues. Obama is due to meet Xi in late September.

Clapper called for tighter U.S. cyber security measures and

said improved U.S. cyber security would complicate Chinese cyber espionage “by addressing the less sophisticated threats and raising the cost and risk if China persists.”

Clapper said the risk of a “catastrophic attack” was remote now, but he added: “we foresee an ongoing series of low-to-moderate-level cyber attacks from a variety of sources over time, which will impose cumulative costs on U.S. economic competitiveness and national security.”

Clapper warned that while most major cyber attacks today involve theft of data, in the future hackers could change or manipulate information in databases to compromise their integrity.

Admiral Mike Rogers, director of the National Security Agency, told the committee that since a high-profile

hack last year of Sony Pictures, which U.S. officials said was carried out by North Korea’s response to a film lampooning its leader Kim Jong Un, no evidence had surfaced of further North Korean cyber attacks on U.S. companies.

But he said there had been North Korean cyber attacks on other countries, though he did not name them.

(Writing by Matt Spetalnick; Editing by Bill Trott and James Dalgleish)



Get every new post delivered to your Inbox.

Join 926 other followers