When Jaeah isn't making mockups, researching, or blogging for Mother Jones, she's usually reading about foreign policy, climate change, or new dinner recipes. A lover of mass transit, she can pretty much navigate the New York City subway blindfolded.
Prior to joining Mother Jones, Jaeah worked as a research associate at the Council on Foreign Relations in New York, focusing on China. Her writings have appeared in the Christian Science Monitor, Global Post, Huffington Post, Talking Points Memo, and Movements.org.
On Monday, an American cybersecurity firm called Mandiant released a report accusing the Chinese government of systematically hacking into American computer networks and targeting state secrets, weapons programs, businesses, and even the nation's gas pipelines. The New York Times vetted the story and concluded that a growing body of evidence "leaves little doubt" that these attacks are originating from a secret Chinese army base. Adam Segal, senior fellow for China studies at the Council on Foreign Relations (an organization that, in the past, has also been targeted by hackers that appeared to be China-based), tells Mother Jones that this "raises the pressure on the increasing drum beat on the US to do something."
So just how freaked out do you need to be? Here's everything you need to know:
How do cyberattacks and cyberwarfare work? A cyberattack is what happens when a hacker penetrates computers or networks for the purpose of maliciously exploiting systems and information. This can lead to identity theft, viruses, theft of intellectual property, or full-on system infiltration (i.e., the hacker can watch your every move). Cyberwarfare is what happens when countries are the ones employing those hackers, often with the goal of stealing state secrets and/or causing damage.
The scheme that Chinese hackers employ to gain footholds on victims' computers is known in computer-speak as spear phishing, according to Mandiant, and it's a scam that's been around for years. The sabotage begins when a victim receives an innocuous work-related email about a meeting or a project from what appears to be a colleague's email address. If the target takes the bait, he or she will click on a hyperlink or download an attachment from the message. In some cases, suspicious recipients have responded to phishing emails with questions about the file's authenticity. The Chinese hackers have responded: "It's legit." When the target downloads the files, they'll be unwittingly installing remote-access software (sometimes referred to as a "backdoor") that allows the hacker to assume control of the victim's computer.
With a few lines of code, the hacker can install other backdoors and programs, upload and download files, capture screenshots of the user’s desktop, record keystrokes and passwords, and shut down the system. The sleuthing can last months or even years, and confidential and top-secret files can be easily transported from the network into the hacker's hands. Here's a video showing an attack in progress:
So what is this mysterious Unit 61398? Unit 61398 (or "61398部队" for the Mandarin speakers among you) is believed to be a top-secret unit of the Chinese government that "engages in harmful 'Computer Network Operations,'" according to the Mandiant report. It's located in a 12-story facility in Shanghai, and could have up to thousands of employees, most of whom are required to speak English, demonstrate computer security skills, and exhibit "team spirit." Richard Bejtlich, the chief security officer at Mandiant, tells Mother Jones that the unit built new headquarters in 2007. Mandiant claims to have known about the unit for seven years, but it's unclear exactly how long it has been around. D.B. Grady, a national security journalist and author, makes the case that "concerns over Unit 61398—a perfectly unnerving name—are no more worrisome than Chinese spies recruiting American agents to steal folders from locked filing cabinets." He adds, "If the US government were really alarmed, we would be threatening to go to war. Instead, we're threatening to give a lot of money to government contractors."
Nevertheless, here are some infographics showing just how effective Unit 61398 is at getting on your computer, and staying there:
Who is the Chinese government hacking? The short answer: Your business, your water supply, your defense, your newspapers, and probably more. The longer answer: Since 2006, China's espionage division has stolen data from at least 115 American businesses—and that's only the hacking that Mandiant directly observed. The company believes that number represents only a small fraction of China's overall hacking activity. Not surprisingly, Chinese spies were most interested in hacking national-security-related industries such as aerospace, energy, scientific research and information technology. Here's a chart showing the most-targeted industries (it only includes attacks Mandiant witnessed, and includes some that occurred outside the United States):
But even if you work for an alfalfa farm in Wyoming, hacking could still affect you: According to the New York Times, the hackers are interested in US critical infrastructure—electric grids, oil pipelines and water systems—and are attempting to unlock US military secrets by targeting defense contractors and weapons programs (more on that later). Chinese hackers are also taking on media giants that produce journalism critical of China: the Times' computers were compromised recently after a high-profile investigation revealed that members of Chinese Prime Minister Wen Jiabao’s family had accumulated massive wealth from state contracts, and the Washington Post, Bloomberg News and the Wall Street Journal have also all been targeted. (Mother Jones liability note: China is great! 我们爱中国!)
Why is China hacking the United States? Segal, the Council on Foreign Relations expert, explains:
The Chinese want to move up the value chain. They want to move from "made in" to "innovated in China." So part of it is stealing industrial secrets and helping Chinese companies. There's [also] political and military espionage—having a better sense of what the US government and US opinion leaders and other people think about China and try to influence that, and wanting to steal US military secrets. It's also a kind of deterrent. [It] sends a message to the US that the US homeland is vulnerable and if there was going to be a regional conflict that escalated, the US should know that the Chinese have a way of reaching out and touching us.
Another explanation? Chinese hackers just really wanted to access their social-media accounts, many of which are blocked on the mainland. Mandiant was able to trace some of the hackers' identities because the "easiest way for them to log into Facebook and Twitter [was] directly from their attack infrastructure." And as our colleague Josh Harkinson noted, at least one hacker appears to be "a fan of American and British pop culture"—he used Harry Potter references for his passwords.
So…just how screwed are we? Both private US companies and government infrastructure are pretty bad at stopping hackers from beating down the door. Most private companies "aren't in a position to defend themselves, and if you devote any length of time to break into one of these guys, you're going to find a way in," says Mandiant's Bejtlich.
When it comes to government, the forecast isn't much better: President Obama says that the "cyberthreat is one of the most serious economic and national security challenges we face as a nation." Between 2007 and 2009, the head of the Pentagon's Cyber Crime Center confirmed 102 instances in which hackers had infiltrated the networks of government agencies, military contractors, or other entities connected to the Department of Defense, according to a 2010 Forbes report. In 2007, the 10 largest defense contractors, including Lockheed Martin, Northrop Grumman, Raytheon, and Boeing, all suffered security breaches that traced back to China. CFR's Segal says that even though cyber attacks aren't new, "on the defense side, we haven't had too much success" defending against them.
But experts don't necessarily say that means the United States is screwed. Segal says that US-China relations would have to "already be very, very bad or very, very close to military conflict anyway for the Chinese to consider a cyberattack." He adds that "there is some vulnerability to the power grid and industrial sector, but it's not a major threat right now. The major threat is espionage and stealing secrets."
"The way cybersecurity works is the way security works in the real world," Bejtlich says. "It's based on fast detection and response. It's hard to stop someone from breaking into your house, but you can call the police and kick them out." He adds that "defense contractors also learn from their experiences, and the ones who are making the news more tend to do the best job of protecting information that I've seen."
Grady makes the case that many of the cybersecurity concerns are overblown and are instead simply a good way for the defense industry to squeeze more money out of taxpayers. "This isn't some kind of new horror. Cyberattacks will become worrisome when someone figures out how to use a copy of Linux to blow up something," he tells Mother Jones. "The motives of defense contractors are pretty obvious, aren't they?" he adds. "The war on terror is all but over, but cybersecurity could mean anything and everything. Where there's fear, there's a lot of money to be made."
What is the Obama administration doing? Last week, Obama issued an executive order on cybersecurity with the aim of protecting US critical infrastructure from hackers, despite pushback from conservatives and big business. The order requests that companies participate in a voluntary information-sharing program so the government can help them stop attacks. "It's not clear that the executive order is going to make it better," Segal says. According to Bejtlich, the administration "is doing as much as it can with the order, but now the focus needs to shift to the House and the Senate."
Who else is China attacking? Wait, are we attacking anyone? Check out this amazing chart by Foreign Affairs, showing the number of cyber attacks, and by whom, from 2001 to 2011 (click link for the full chart):
SC Magazine reports that hackers (of unconfirmed origin) are now using phishing emails that claim to include the Mandiant cybersecurity report, in order to gain access to victims. The phishing emails are reportedly targeting Japanese companies and Chinese journalists. Here's a screenshot of one of the fake emails, released by Symantec:
And here's a tweet from Malware Lab claiming that some of the victims may be Chinese journalists:
On Tuesday, a dispute between two people at Lone Star College in Houston ended in a gun fight. Three people were wounded (including suspects in the shooting), and a fourth person was reportedly hospitalized with an unspecified "medical emergency" in connection with the incident. It was the sixth shooting on or near a US college campus this month.
Texas generally has lax gun laws, but prohibits carrying a concealed weapon on a college campus. The GOP-controlled Texas Legislature may soon change that, however. Last week, state Sen. Brian Birdwell, a Republican, introduced new "campus carry" legislation that would allow firearms to be carried at public colleges with a valid permit. Texas would join five states* that, to varying degrees, now allow weapons to be carried on campuses. And lawmakers in at least seven other states are aiming to follow suit.
Does your state allow concealed guns on college campuses? Hover over an individual state for further details. (Also see lists below the map.)
States with laws allowing guns on college campuses: Colorado, Mississippi, Oregon, Utah, and Wisconsin.
States in which lawmakers have recently introduced legislation to allow guns on campuses: Arkansas, Georgia, Indiana, Kansas, Michigan, Missouri, and Wyoming.
Correction: California was included in this category in the initial version of the story; the state bans concealed guns on college campuses but makes exceptions for individuals with valid licenses who are granted specific permission by school authorities.
Bearing witness to the worst year of gun rampages in modern US history.
—By Mother Jones staff
| Fri Dec. 21, 2012 2:16 AM PST
The media coverage tends to linger on the killers. But as the nation mourns the excruciating losses in Newtown—and finally begins to confront an epidemic of mass shootings amid the worst year for them in modern US history—it is equally important to bear witness to the victims. What follows are portraits of 151 people physically wounded or killed in the rampages of 2012. In addition to the victims of this year's seven mass shootings, we've included the victims of similar but less lethal rampages in a Portland shopping mall, a Milwaukee spa, and a Cleveland high school.
The total number of lives devastated by these attacks far exceeds 151, of course, starting with survivors who narrowly escaped physical harm, such as the unidentified six-year-old girl who played dead and walked out of Sandy Hook Elementary School against all odds. Mother Jones has only included photos of those injured and killed that were shared publicly by the families or survivors themselves, or for which we were granted specific permission. For essential context and findings from our in-depth investigation, also see our guide to mass shootings in America.
This morning's shooting at an elementary school in Newtown, Connecticut reminded the staff here at Mother Jones that we're tired of updating our data on mass shootings in America. But we continue to work through the heartbreak because we hope our findings will contribute to a solution.
We've spent much of 2012 researching American gun violence dating back 30 years. Our stories and research cover a variety of angles, which are highlighted in this video. So please share and learn more...