This is an archive article published on March 5, 2013

Night Dragon stalks US

Cyber attacks targeting US infrastructure utilities showed a 50 per cent rise between 2011 and 2012. But experts are asking if rational China is the bigger threat or the irrational Iran

NICOLE PERLROTH, DAVID E SANGER & MICHAEL S SCHMIDT

When Telvent, a company that monitors utilities, water treatment plants and more than half the oil and gas pipelines in North America, discovered last September that the Chinese had hacked into its computer systems, it immediately shut down remote access to its clients' systems to assure that no outsider could seize control of them. Company officials and US intelligence agencies then grappled with a fundamental question: Why had the Chinese done it?

Was the People's Liberation Army, which is suspected of being behind the hacking group, trying to plant bugs into the system so they could cut off energy supplies and shut down the power grid if the United States and China ever confronted each other in the Pacific? Or were the Chinese hackers just trolling for industrial secrets?

"We are still trying to figure it out," a senior US intelligence official said. "They could have been doing both."

To some, it is prime evidence of the threat that President Barack Obama highlighted in his State of the Union address, when he warned that "our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems," perhaps causing mass casualties. Obama called anew for legislation to protect critical infrastructure.

But the security breach of Telvent, which the Chinese government has denied, also raises questions of whether those fears may be somewhat overblown, or whether the precise nature of the threat has been misunderstood.

US intelligence officials believe that the greater danger to the nation's infrastructure may not even be China, but Iran, because of its avowal to retaliate for the Stuxnet virus created by the US and Israel and unleashed on one of its nuclear sites. But for now, these officials say, that threat is limited by gaps in Iranian technical skills.

There is no doubt that attacks of all kinds are on the rise. The Department of Homeland Security got reports of 198 attacks on the nation's critical infrastructure systems last year, a 52 per cent increase from 2011.

Researchers at McAfee, a security firm, discovered in 2011 that five multinational oil and gas companies had been attacked by Chinese hackers. The researchers suspected that the Chinese hacking campaign, which they called Night Dragon, had affected more than a dozen companies in the energy industry. In January, the Department of Energy confirmed that its network had been infiltrated, though it has said little about the damage, if any.

But security researchers say that the majority of those attacks were as ambiguous as the Telvent case. They appeared to be more about cyber espionage intended to bolster the Chinese economy. If the goal was to blow up a pipeline or take down the US power grid, the attacks would have been of a different nature.

In a recent report, Critical Intelligence, an Idaho Falls security company, said that several cyber attacks by Chinese adversaries against North American energy firms seemed intended to steal fracking technologies, reflecting Chinese fears that the shale energy revolution will tip the global energy balance back in America's favour. "These facts are likely a significant motivation behind the wave of sophisticated attacks affecting firms that operate in natural gas, as well as industries that rely on natural gas as an input," the Critical Intelligence report said.

US intelligence experts believe that the primary reason China is deterred from conducting an attack on infrastructure in the US is the simple economic fact that anything that hurts America's financial markets would also have consequences for its own economy.

Iran, however, may be a different kind of threat. While acknowledging that China is stealing our intellectual property at a rate that qualifies as an epidemic, Representative Mike Rogers, who chairs the House Intelligence Committee, added a caveat in an interview. "China is a rational actor," he said. "Iran is not a rational actor."

While the skills of Iran's newly created cybercorps are in doubt, Iranian hackers gained some respect in the technology community when they brought down 30,000 computers belonging to Saudi Aramco, the world's largest oil producer, last August, replacing their contents with an image of a burning American flag. The attack did not affect production facilities or refineries, but it made its point.

Obama has been vague about how the US would respond to such an attack. Attorney General Eric H Holder Jr has made it clear it would be dealt with in criminal courts, though the prosecutions of cyber theft by foreign sources have been few.

But the question of whether the president could, or should, order military retaliation for major attacks is a roiling debate. "Some have called for authorising the military to defend private corporate networks and critical infrastructure sectors," Candace Yu, who studies the issue for the Truman National Security Project, wrote recently. "This is unrealistic. The military has neither the specialised expertise nor the capacity to do this."

But the administration has failed to convince Congress that the first line of defence to avert catastrophic cyber attack is to require private industry, which controls the cellphone networks and financial and power systems, to build robust defences. "We are in a race against time," Michael Chertoff, the former secretary of homeland security, said at a San Francisco security conference last week. "The government is not going to be able to manage this like the air traffic control system. We're going to have to enlist a large number of independent actors."

"There are 12 countries developing offensive cyberweapons; Iran is one of them," James Lewis, a cybersecurity expert at the Center for Strategic and International Studies in Washington, said at the conference. Those countries have a long way to go, he said, but added: "Like nuclear weapons, eventually they'll get there."

 
