China syndrome: Twelve Chinese hacker groups responsible for attacks on U.S.

Published 16 December 2011

China has organized a dozen hacker groups to attack U.S. // Source: thehackernews.com

U.S. cybersecurity experts say as few as twelve different Chinese hacker collectives, working at the behest of the government, are responsible for the majority of cyberattacks on U.S. businesses and government agencies.

The bulk of the attacks are stealthy in nature and have resulted in the loss of billions of dollars’ worth of intellectual property and state secrets from the private and public sector.

According to cybersecurity experts speaking anonymously to News24, the Chinese hackers often have distinct digital signatures that U.S. officials use to link them to specific hacker teams.

Even though officials have traced the cyberattacks to China, it is notoriously difficult to pinpoint with certainty where a specific attack originates. Additionally, China has vehemently denied that it sponsors hackers, and since the United States does not have an agreement with the Chinese government, it cannot prosecute hackers based there.

Cybersecurity experts and military officials are becoming increasingly frustrated with these attacks and are urging the government to do more.

“Industry is already feeling that they are at war,” said James Cartwright, a retired Marine general and the former vice chair of the Joint Chiefs of Staff.

Cartwright has been vocal in his calls for the U.S. government to hold China and other countries that sponsor hackers accountable.

“Right now we have the worst of worlds,” said Cartwright. “If you want to attack me you can do it all you want, because I can’t do anything about it. It’s risk free, and you’re willing to take almost any risk to come after me.”

Instead, the United States “needs to say, if you come after me, I’m going to find you, I’m going to do something about it. It will be proportional, but I’m going to do something… and if you’re hiding in a third country, I’m going to tell that country you’re there, if they don’t stop you from doing it, I’m going to come and get you.”

Jon Ramsey, the head of Dell SecureWorks’ counter threat unit, echoed General Cartwright’s sentiments, stating that the government “needs to do more to increase the risk” for hackers.

“In the private sector we’re always on defense. We can’t do something about it, but someone has to. There is no deterrent not to attack the United States,” he said.

To that end, the Pentagon recently updated its military strike policy, adding that cyberattacks on the United States could result in a physical response. The military has also been actively bolstering its own cyberdefense and warfare capabilities, standing up Cyber Command and training thousands of troops to wage war on digital battlefields.

In addition, a recently released Congressional report concluded that Chinese and Russian hackers backed by their respective states are actively stealing U.S. trade and technology secrets to boost their economic development.

“The pace of foreign economic collection and industrial espionage activities against major U.S. corporations and U.S. government agencies is accelerating,” the report said.

In the past, Chinese cyberattacks primarily targeted the U.S. government, but in the last decade, hackers have focused more and more on private businesses, especially defense contractors and businesses in energy, finance, and other critical sectors.

To stop these attacks, General Cartwright said the U.S. government should implement a clear policy on how it responds to cyberattacks.

He said that once a hacker is detected, the State Department should first ask the country to stop the attack. If that country does not cooperate, then the United States has the right to shut down the computer server to prevent the attack from continuing, by any means necessary, while being mindful to avoid collateral damage.