Last year’s major attack on RSA’s SecurID token system was the work of the Chinese, the US Cyber Command chief is reported to have said during a submission to the Senate Armed Services Committee.
The admission by General Keith Alexander adds to his formal presentation to the Committee which carefully steered clear of blaming any one state while underlining the sophisticated threat now posed by many of them.
“State-sponsored industrial espionage and theft of intellectual capital now occurs with stunning rapacity and brazenness, and some of that activity links back to foreign intelligence services,” his presentation said.
“Nation state actors in cyberspace are riding this tide of criminality.”
According to InformationWeek, under questioning Alexander accused China of stealing “a great deal” of data and IP from the US although he was unwilling to discuss specific incidents beyond connecting the RSA attack to the country.
“Companies and government agencies around the world are thus being looted of their intellectual property by national intelligence actors, and those victims understandably turn for help to their governments,” he said.
His Cyber Command department currently employs 937 staff and has a budget of $182 million.
The parties responsible for the RSA attack have never been formally named and the details of what happened in March 2011 remain unclear. What little information has emerged came mostly from a letter published by RSA Executive Chairman Art Coviello; third-party sources were quicker to blame the Chinese.
The compromise of the SecuID technology used for two-factor authentication by large number of Department of Defense personnel was severe enough that military contractor Lockheed Martin later suspended its VPN while it replaced many of the tokens used to access it.
If the US has for some years complained loudly in public and private about China, the traffic is likely to be more two way in future.
Only a week ago, the Chinese National Computer Network Emergency Response Technical Team (CNCERT/CC) named Japan and the US as the two countries that were attempting to undermine its systems using cyberattacks.