China Reportedly Hacked Chamber Of Commerce
LYNN NEARY, HOST:
Now, a new case of cyber espionage involving China. Today, the U.S. Chamber of Commerce acknowledged that the organization was hacked from China two years ago. The Chamber says the intrusion lasted at least six months before it was discovered and shut down. During that time, the hackers apparently had access to all the data stored on the Chamber's computer systems. Officials there say hackers targeted four employees who work on Asia-related policy.
Joining us now is NPR's Tom Gjelten. Welcome, Tom.
TOM GJELTEN, BYLINE: Hello, Lynn.
NEARY: So this certainly sounds like a serious security breach. What happened?
GJELTEN: Well, you know, a group of hackers, and apparently from China, was able to break into the Chamber's computer systems in November 2009, possibly even earlier, and stay there until May 2010 when the Chamber's cyber security people were able to shut the door. We learned of it today through a report in the Wall Street Journal and Chamber officials are now confirming that report.
One official there says the scope of the attack was limited, but the hackers had access to a lot of email during that time. Obviously, the chamber has many member companies that do business in China. They share information and, as you say, this intrusion apparently targeted four chamber officials who specialize in Asia.
NEARY: Well, any idea what they were looking for or what information they ended up getting?
GJELTEN: Well, the chamber's chief operating officer says the hackers knew who they were after. What's not so clear is what they were after. One possibility is that they were gathering personal information about these individuals so they could send out fake emails with details from these individuals that made those emails look legitimate. That's called social engineering and it's a widely used technique, especially by Chinese hackers.
NEARY: You say Chinese hackers and there's been a lot of reports about cyber espionage stemming from China. What's going on here?
GJELTEN: You know, Lynn, all the cyber security people we talked to say there's just a ton of cyber espionage coming out of China these days. Hackers are stealing technological secrets, trade secrets, computer code, design plans, you name it. The security people say it's like a vacuum cleaner approach. They just suck up everything they find.
But what's behind this is that China wants to catch up to the west. Now, they don't have the business environment to support innovation. You don't see the Chinese equivalent of companies like IBM or Google or Apple popping up there, so rather than develop their own ideas and technology, they just steal it. That's the background here. At least, that's what we hear from U.S. intelligence officials and security people.
NEARY: And the Chinese government's not acknowledging any role in this attack on the chamber of commerce?
GJELTEN: They say there's no evidence, but cyber security people who have investigated other intrusions blamed on China say it's pretty easy to tie them back there and it's hard to see how the government would not be involved in some way, given the way China works.
Chamber officials say they have no doubt that this intrusion did come from China.
NEARY: NPR's Tom Gjelten. Thanks very much, Tom.
GJELTEN: You bet.
(SOUNDBITE OF MUSIC)
ROBERT SIEGEL, HOST:
This is NPR News.
NPR transcripts are created on a rush deadline by a contractor for NPR, and accuracy and availability may vary. This text may not be in its final form and may be updated or revised in the future. Please be aware that the authoritative record of NPR’s programming is the audio.