Exclusive:
Director-general of MI5 sends letter to British companies warning systems are under attack from China
The Government has openly accused China of carrying out state-sponsored espionage against vital parts of Britain’s economy, including the computer systems of big banks and financial services firms.
In an unprecedented alert, the Director-General of MI5 sent a confidential letter to 300 chief executives and security chiefs at banks, accountants and legal firms this week warning them that they were under attack from “Chinese state organisations”. It is believed to be the first time that the Government has directly accused China of involvement in web-based espionage. Such a blunt and explicit warning from Jonathan Evans could have serious diplomatic consequences and cast a shadow over Gordon Brown’s first official visit to China as Prime Minister early in the new year.
A summary of the MI5 warning, a copy of which has been seen by The Times, was posted on a secure government website. It says that Mr Evans wrote to business leaders “warning them of the electronic espionage attack”.
The summary, on the website of the Centre for the Protection of the National Infrastructure, says: “The contents of the letter highlight the following: the Director-General’s concerns about the possible damage to UK business resulting from electronic attack sponsored by Chinese state organisations, and the fact that the attacks are designed to defeat best-practice IT security systems.”
It adds: “The letter acknowledges the strong economic and commercial reasons to do business with China, but the need to ensure management of the risks involved.”
Access to the site is limited to groups that form part of the country’s critical infrastructure, which include telecoms firms, banks and water and electricity companies. The document gives warning that British companies doing business in China are being targeted by the Chinese Army, which is using the internet to steal confidential commercial information. The Home Office refused to comment last night on what it called leaked private correspondence. A spokesman for the Chinese Embassy in London said he was unaware of the allegations and that the embassy had not received any complaints from the British authorities.
Martin Jordan, a principal adviser at the accountants KPMG, who has seen the contents of the letter, said: “If the Chinese know that a British firm is trying to buy a company or other assets such as land in China then they are using every means at their disposal to discover details such as exactly how much money the British company is prepared to spend for that asset.”
Firms known to have been compromised recently by Chinese attacks are one of Europe’s largest engineering companies and a large oil company, The Times has learnt. Another source familiar with the MI5 warning said, however, that known attacks had not been limited to large firms based in the City of London. Law firms and other businesses in the regions that deal even with only small parts of Chinese-linked deals are being probed as potential weak spots, he said.
A security expert who has also seen the letter said that among the techniques used by Chinese groups were “custom Trojans”, software designed to hack into the network of a particular firm and feed back confidential data. The MI5 letter includes a list of known “signatures” that can be used to identify Chinese Trojans and a list of internet addresses known to have been used to launch attacks.
A big study gave warning this week that Government and military computer systems in Britain are coming under sustained attack from China and other countries. It followed a report presented to the US Congress last month describing Chinese espionage in the US as so extensive that it represented “the single greatest risk to the security of American technologies”.
Ian Brown, of Oxford University, one of the report’s authors, said that attacks traced back to China have been found attempting to crack Whitehall passwords. The report identified China as the country most active in internet-enabled spying operations and attacks but says that 120 other countries are using the same techniques.
The Centre for the Protection of National Infrastructure, one of several British bodies charged with protecting the country’s computer systems, has described the threat posed by cyber attacks as enormous.
Defence departments across the globe are already rewriting manuals for a future of digital warfare. The US has recorded 37,000 attempted breaches of government and private systems this year and a new unit at the US Air Force, staffed by 40,000 people, has been set up to prepare for cyber-war.
The Virtual Criminology Report found that attacks had progressed from initial curiosity probes to well-funded and well-organised operations for political, military, economic and technical espionage.[1]
Reference:
[1]http://business.timesonline.co.uk/tol/business/industry_sectors/technology/article2980250.ece
1 comment:
The Chinese Foreign Minister today denied his country is using the internet to spy on others and said China has itself been a victim of cyber-espionage.
Yang Jiechi said: “The Chinese government firmly opposes hacking attacks ... these are prohibited by law.”
Speaking at a press conference London with the Foreign Secretary David Miliband, Mr Yang added: “Actually a number of Chinese agencies have been attacked by hackers.”
The comments were made after The Times revealed that the Director-General of MI5 had sent letters to 300 executives and security chiefs at banks, accounting and legal firms warning them that Chinese state agencies were hacking into their systems and trying to steal confidential information.
A Chinese Foreign Ministry spokesman yesterday claimed that the report was slanderous and prejudiced and ignored the political, economic and social progress made by the country. China also alleged that the report was an attempt to put obstacles in the way of improved ties between Britain and China.
Gordon Brown is expected to make an official visit to Beijing in January. Mr Yang said he expected the trip to focus on “promoting world peace and security”.
The Times reported on Saturday that Jonathan Evans, the head of MI5, had written to businessmen warning them of industrial cyber-espionage that had been traced back to China. People who had seen the letter told The Times that the security forces believed that companies doing business in China were under particular threat from hackers.
The hackers are thought to include specialists with links to the People's Liberation Army (PLA). Hackers connected to the Chinese military have also been accused by computer experts of carrying out cyber attacks on the US Pentagon, the British Parliament and the German Chancellery.[1]
[1]http://business.timesonline.co.uk/tol/business/industry_sectors/technology/article3006792.ece
Post a Comment