Over the past couple of months, a large number of reports have been published about Chinese hackers attacking major organizations. However, experts warn that these are acts of espionage and they should not be mistaken for cyberwar.
The recent Mandiant report provides interesting evidence that China might be behind some major cyberattacks, but as many experts have pointed out after the study was published, China’s involvement in such operations is not something new.
“These attacks happen all the time, and just because the media is reporting about them with greater frequency doesn't mean that they're happening with greater frequency,” famous security expert Bruce Schneier explained on his personal blog.
“This is not cyberwar. This is not war of any kind. This is espionage, and the difference is important. Calling it war just feeds our fears and fuels the cyberwar arms race,” he added.
Schneier cites Gary McGraw, CTO at Cigital, who detailed for Computerworld the differences between a cyberwar – which according to him, involves blowing things up – and cyber espionage.
“Because espionage unfolds over months or years in realtime, we can triangulate the origin of an exfiltration attack with some certainty. During the fog of a real cyber war attack, which is more likely to happen in milliseconds, the kind of forensic work that Mandiant did would not be possible,” McGraw noted in an email sent to Schneier.
Schneier believes that all this “media frenzy” will be exploited by the US military to increase its cyberspace capabilities.
“They're already ramping up the U.S. Cyber Command. President Obama is issuing vague executive orders that will result in we-don't-know what. I don't see any good coming of this,” he noted.
On Tuesday, we learned that Chinese officials were also concerned that the recent accusations might have a serious impact on international cooperation. They urged US companies to stop publishing defamatory reports.