According to a recent AP story , “U.S. authorities are investigating whether Chinese officials secretly copied the contents of a government laptop computer during a visit to China by Commerce Secretary Carlos M. Gutierrez and used the information to try to hack into Commerce computers…..Surreptitious copying is believed to have occurred when a laptop was left unattended during Gutierrez’s trip to Beijing for trade talks in December, people familiar with the incident told the AP.
Serves you right for leaving a laptop lying around. Still, as the story explains, “it would be highly unorthodox for any U.S. government official to carry classified data on a laptop overseas to China, especially one left unattended even briefly. Modern copying equipment can duplicate a laptop’s storage drive in just minutes.”
Actually, it is so dumb –and the U.S. officials normally so paranoid about this sort of thing–that you have to wonder whether this was actually some kind of double bluff, ie they deliberately left the laptop around to be copied in the hope that some bogus piece of info they’d planted on it would convince the Chinese of its veracity.
That may seem a little paranoid, but as I discovered when reporting a story about Chinese hackers recruited by the People’s Liberation Army, China is well ahead of the U.S. in the cyberwar preparation stakes. But it definitely cuts both ways and I’m sure Chinese officials don’t leave their laptops around when they go to Washington. China is more active because of its asymmetrical warfare strategy, which involves turning the U.S.’ technological superiority against itself, for example by shooting down satellites the Pentagon relies on so heavily.
On a more mundane level, I often wonder what exactly has been installed on our computers in the bureau, where there is sometimes evidence of mysterious midnight activities that I don’t think could have been Santa’s elves. I have come in on several mornings to find all the connecting cords on my computer (printer/speakers etc) unplugged (and no, it wasn’t the cleaners: I asked). In addition, my brand new Macbook just completely self-destructed and is now having its hard drive replaced. This seems odd to put it mildly as it has been sitting on my desk for the past couple of weeks virtually unused, so unlikely to have suffered any of the shock to the system type problems that usually cause this sort of disaster. A less trusting mind might wonder how that could come about. Or maybe I am just being paranoid. Still, it may pay to be a extra careful. The AP story cited above has this little nugget in it which shows that it’s not just laptops you have to worry about:
A senior U.S. intelligence official, Joel F. Brenner, recounted a separate story of an American financial executive who traveled to Beijing on business and said he had detected attempts to remotely implant monitoring software on his handheld “personal digital assistant” device — software that could have infected the executive’s corporate network when he returned home. The executive “counted five beacons popped into his PDA between the time he got off his plane in Beijing and the time he got to his hotel room.” Brenner, chief of the office of the National Counterintelligence Executive under the CIA, said during a speech in December.
Brenner recommended throwaway cellular phones for any business people traveling to China.
“The more serious danger is that your device will be corrupted with malicious software that takes only a second or two to download — and you will not know it — and that can be transferred to your home server when you collect your e-mail,” he said.