Credit: Reuters (www.reuters.com)
By Jim Wolf
(Reuters) - The Defense Department is aware that Internet traffic was rerouted briefly through China earlier this year, a Pentagon spokesman said Friday, referring to what a congressionally appointed panel has described as a hijack.
State-owned China Telecom sent a false notice that caused traffic to Secretary of Defense Robert Gates' office and other U.S. government, military and corporate sites to go through China during an 18-minute stretch on April 8, the U.S.-China Economic and Security Review Commission charged in its annual report on Wednesday.
Marine Colonel David Lapan, a Defense Department spokesman, said, "We're aware that on the 8th of April ... Internet traffic was rerouted through China."
He added at one point that he did not know if "we've determined whether that particular incident ... was done with some malicious intent or not."
He later said there was no evidence that anything malicious had occurred, a position he repeated when pressed about the discrepancy in his remarks.
In Beijing, China's Foreign Ministry on Friday condemned the commission's report to the U.S. Congress on China's military capabilities and economic policies, saying it distorted reality and was symptomatic of Cold War thinking.
China Telecom separately has denied the charge that it "hijacked" U.S. Internet traffic by sending false notifications that prompted other servers to route traffic through China on the assumption that it was the shortest route.
The commission said evidence did not clearly show whether the incident was perpetrated intentionally "and, if so, to what ends. However, computer security researchers have noted that the capability could enable severe malicious activities," the report said.
Commissioner Larry Wortzel, a retired U.S. Army colonel who served two tours as a military attache in China, told reporters that the incident could have let someone mine email addresses and then send authentic-looking messages bearing attachments with malicious code or other harmful software.
"When I see things like this happen, I ask: 'Who might be interested in all the communication from the entire Department of Defense and the federal government? It's probably not a graduate student from Shanghai University,'" Wortzel said.
Lapan, the Pentagon spokesman, said the Defense Department's internal networks -- the Internet's so-called dot.mil domain -- would not have been affected by any improper rerouting of traffic through Chinese servers.
"We do have tools to protect any of the traffic that goes outside" the internal networks, he added, referring to encryption and devices that warn when Internet traffic is being rerouted.
Sen. Sheldon Whitehouse, who led a Senate Intelligence Committee cyber task force that submitted a classified report to the panel in July on cyber threats, said on Wednesday that certain threats cannot be countered without the U.S. government's unique "authorities and capabilities."
In a Senate floor speech, the Rhode Island Democrat reiterated a proposal to create a "dot.secure" domain to protect critical infrastructure such as power grids, financial networks, transportation and communications hubs.
"We simply cannot leave that core infrastructure on which the life and death of Americans depends without better security," Whitehouse said.
The U.S.-China Economic and Security Review Commission was set up in 2000 to examine the security implications of growing economic ties with China.
(Reporting by Jim Wolf, additional reporting by Paul Eckert, editing by Matthew Lewis)
Credit: Reuters (www.reuters.com)
No comments:
Post a Comment