Shady Rat Hacking Is Not About China

Jeffrey Carr, author of O’Reilly Media’s ‘Inside Cyber Warfare’, argues that McAfee’s supposed revelations about large-scale Chinese hacking attacks are a smokescreen:

Shady Rat is not about China, even though Dmitri Alperovitch and McAfee want it to be. Instead it is an indictment of McAfee as an Information Security company; utterly impotent to protect its clients against the very serious, ongoing theft of Intellectual Property by multiple state and non-state actors around the world. Regardless of what the billion dollar APT marketing machine wants you to believe, the People’s Republic of China is not the only nation state that is leveraging cyberspace to acquire key technology. I can name at least a dozen, and that number will double by this time next year. The problem isn’t with China or any other government involved in illegal technology transfer. Espionage must be the world’s third oldest profession. The problem is that many of the targeted corporations at one point believe in the snake oil remedy sold to them by McAfee and others like them. But not any more. Bloomberg just posted an article about an hour ago – “Hacker ‘Armageddon’ Forces Symantec, McAfee to Seek Fixes” ….

Big InfoSec continues to push a failed model of information security and the Shady Rat report graphically displays why. Dmitri Alperovitch neglected to mention that part in his white paper; probably because it’s a lot easier to blame China than to acknowledge how you and your company have been profiting from a failed security model for all these years while hiding that fact from your customers.

Carr is also quoted in The Daily Beast’s description of the Chinese reaction:

“Over so many years, there have been so many accusations against the Chinese government about launching cyberspace attacks,” said Shi Yanhong, an international relations expert at People’s University in Beijing. “In this context, if you look at Chinese foreign policy style, I don’t think the Chinese government would be so bold to continue this kind of activity.” The foreign ministry declined to comment to The Daily Beast.

In the absence of stronger evidence, it is possible that China played a limited, or nonexistent, role in this round of hacking. “That’s the big problem,” says Jeffrey Carr, CEO of Taia Global, a cybersecurity firm. “Not that China doesn’t do it, but that you need to have a better caliber of evidence.” Until then, as Shi says, neatly summing up the Chinese point of view, “I think many, many people are not in a position to judge.”

See also the Vanity Fair articles in which Alperovitch’s accusations emerged, the People’s Daily’s reaction, via Reuters, and other coverage of the story via CDT; also past CDT coverage of hacking, including recent intrusion into a Caixin reporter’s email account, a Q&A with a Council on Foreign Relations cybersecurity expert, and a description of China’s own defences, which are said to be surprisingly weak.