Officials: Chinese hackers launched espionage effort against 2008 presidential campaign

The spies were after private emails and internal position papers written by key advisors, looking for clues as to the candidate’s positions on China politically and economically, according to NBC. But they also lifted sensitive information such as private correspondence from McCain to the president of Taiwan.

“Based on everything I know, this was a case of political cyber-espionage by the Chinese government against the two American political parties,” Dennis Blair told NBC. He served as President Obama’s director of national intelligence in 2009 and 2010. “They were looking for positions on China, surprises that might be rolled out by campaigns against China.”

As with many cyber-intrusions, the espionage effort went unnoticed for months, until the FBI uncovered the problem in the summer of 2008. Without linking the attack to China, Obama went on to mention the breach in May 2009: “Hackers gained access to emails and a range of campaign files, from policy position papers to travel plans,” he said.

The compromise began, as with so many other similar attacks, with a phishing email purporting to outline the agenda for an upcoming meeting, containing a malware-laden .Zip file.

Amid increased scrutiny of China’s suspected ongoing cyber-spy activities against the US, the scope of the 2008 incidents is now becoming clear. “There’s been successful exfiltration of data from government agencies (by the Chinese) up and down Pennsylvania Avenue,” said Shawn Henry, president of CrowdStrike and the head of the FBI investigation into the 2008 attacks, speaking to NBC.

This isn’t the first high-profile theft attributed to China in recent weeks. In early May it was reported that one of the top espionage and military contractors for the US, QinetiQ North America, has been successfully compromised by the China-based Comment Crew, and its information siphoned off.

The security firm Mandiant made waves earlier in the year by linking widespread theft of state and corporate secrets to a group of hackers affiliated with the People’s Liberation Army. Recently it said that after a short hiatus, the group is back with a vengeance, looking to to steal everything from technology blueprints to business plans to manufacturing information.

It’s no surprise that state-backed hacking and spying is expected to be on the docket for the US and Chinese presidents to discuss over the weekend, although Chinese officials continue to deny any role in cyberespionage: “China opposes all forms of cyberattacks,” Zheng Zeguang, assistant Chinese foreign minister, said last week.

Meanwhile, a pair of bills are making their way through Congress as well: the Deter Cyber Theft Act and the just-introduced Cyber Economic Espionage Accountability Act. The former looks to establish a tracking system for espionage efforts and to block foreign products created with US atolent intellectual property, while the latter would freeze the assets of foreign-backed hackers, revoking visas and deporting them and their families.


What’s hot on Infosecurity Magazine?