Analysis: China an ‘easy scapegoat’, says leading cybersecurity expert

Mikko Hypponen

By JOSEPH FITSANAKIS | intelNews.org |
It is fashionable nowadays to single out China as the primary source of global cyberespionage. During the past few days alone, the Japanese government said Chinese hackers had attacked computers systems in its Lower Parliament, while Britain’s General Communications Headquarters (GCHQ) pointed to Beijing as the main culprit behind an unprecedented rise in organized cyberattacks. A few days ago, the United States intelligence community publicly named for the first time China and Russia as “the most aggressive collectors” of US economic information and technology online. But is the image of China as the ultimate cyber-villain accurate? Not necessarily, according to leading cybersecurity expert Mikko Hypponen. Speaking earlier this week at the PacSec 2011 conference in Tokyo, Japan, Hypponen, who leads computer security firm F-Secure, disputed the predominant view that a single country could be the source of the majority of organized cyberattacks directed against governmental and corporate targets. It is true, said Hypponen, that cyberespionage attacks “are commonly attributed to the Chinese government”. Moreover, it does appear like “a lot” of these attacks are indeed coming from Chinese sources, he said. But the problem of attribution —accurately and conclusively determining the responsible agency behind a cyberattack— remains unresolved in our time. Even if Chinese servers are conclusively identified as sources of such attacks, it would be dangerous to assume that Chinese government operatives —and not rogue agents, or nationalist hacker gangs— are necessarily behind them. Additionally, it is entirely possible that other countries —perhaps even Western countries— could be behind such attacks, but that they consciously try to mask them in such a way as to make China appear responsible. The reason is that Beijing is “such an easy scapegoat”, said Hypponen. If I were a Western computer hacker working for a government agency, and conducted a state-sponsored cyberattack or espionage operation against a third country, “I would do everything I could to make it look like it’s [from] the Chinese”, said the expert. “Everybody is just going to assume it’s [from] the Chinese, even if it’s not [them]”.