Reports that a large unit of computer hackers in Shanghai with connections to the Chinese government has infiltrated dozens of American companies, including Apple, have increased worries that the engines of U.S. life, such as banks, energy pipelines and water supplies, could be in danger of an attack that could cripple them and even lead to loss of life.
“I call it cyberterrorism that makes 9/11 pale in comparison,” Rep. Mike Rogers, a Michigan Republican and chair of the House Intelligence Committee, told NBC News on Tuesday.
A cyber security firm named Mandiant issued a 60-page report detailing its work tracking more than a hundred cases of cyberterrorism against U.S. firms back to a 12-story office tower in Shanghai, which houses a unit linked to the Chinese military.
Mandiant claims the Chinese hackers have stolen hundreds of terabytes of data, including technology blueprints, proprietary manufacturing processes, business plans and partnership agreements.
“They’ve compromised over 141 corporations across 20 different industries and stolen just a wealth of intellectual property,” Dan McWhorter, who oversees Mandiant’s threat intelligence business unit, told NPR. Most of the victimized companies were American.
McWhorter believes the hackers are trying to steal intellectual property to help Chinese companies compete against U.S. and other foreign firms.
“In China, the government is very intimately involved in industry,” McWhorter says, “so I think the PLA (People’s Liberation Army) is motivated to take these documents for huge economic gain.”
In China, the reaction to the Mandiant report was dismissive.
The Chinese Ministry of Foreign Affairs called the allegations “unprofessional.”
“Making unfounded accusations based on preliminary results is both irresponsible and unprofessional, and is not helpful for the resolution of the relevant problem,” said Hong Lei, a ministry spokesman, according to The New York Times, which obtained an advance copy of the Mandiant report. “China resolutely opposes hacking actions and has established relevant laws and regulations and taken strict law enforcement measures to defend against online hacking activities.”
Hong also questioned whether any investigators could say for certain where the hackers originated.
“Cyberattacks are anonymous and transnational, and it is hard to trace the origin,” said Hong, “so I don’t know how the findings of the report are credible.”
Hong also claimed that China has suffered from cyberattacks, likely coming from the U.S. In 2012, foreign hackers seized control of 14 million Chinese computers.
“China is also a victim of cyberattacks,” he said. “In the attacks mentioned above, the number of attacks originating from the U.S. ranks first.”
But Mandiant had few doubts about the source of the attacks. In fact, McWhorter said, tracking the attacks to the Chinese unit in Shanghai wasn’t difficult because the volume of data stolen was enormous and the operation has been going on for so long.
“We just followed the data, followed the breadcrumbs,” McWhorter told NPR. “All the network communication kept going back to Shanghai, again and again.”
“Either they are coming from inside Unit 61398,” Kevin Mandia, the founder and chief executive of Mandiant, told the Times, “or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
President Obama alluded to the cyberthreat in his State of the Union address last week, saying, “Now our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems.”
The White House said it is “aware” of the Mandiant report. Tommy Vietor, the spokesman for the National Security Council, said, “We have repeatedly raised our concerns at the highest levels about cybertheft with senior Chinese officials, including in the military, and we will continue to do so.”
According to The Times, the president signed a directive last week to share with American Internet providers information it has gathered about the unique digital signatures of the Chinese units.
The U.S. has also been using its own cyber attackers to disrupt Iran’s uranium enrichment program, working alongside Israel, The Times pointed out. But U.S. officials claim to operate under strict rules and say they do not use the attacks for nonmilitary purposes or to steal corporate data.
“In the cold war, we were focused every day on the nuclear command centers around Moscow,” one senior defense official told The Times. “Today, it’s fair to say that we worry as much about the computer servers in Shanghai.”
According to McWhorter, there were no signs that Chinese hackers tried to disable the American infrastructure — but they could.
“If you have the ability to steal the documents, you could have just as easily crashed the hard drives,” he told NPR. “From a national security standpoint, that’s very scary.”