General Lieutenant Morten Haga Lunde, chief of Norwegian intelligence service E-tjenesten, has publicly accused hackers affiliated with the Chinese government of conducting cyber-espionage against Norway-based firms to steal sensitive data and military state secrets.The statements were first reported by Norwegian TV station TV2 as Lunde was showcasing his agencies annual intelligence report – a detailed analysis undertaken by the defence department that highlights key cyber-threats and emerging concerns.
“The digital space is an arena where the big powers actively pursuing their objectives. Russia and China [are] emerging as the most active players behind networked intelligence operations directed against Norway,” the report revealed. “Both nations have high skills and show a high degree of assertiveness in its approach to Norwegian goals. They are now implementing persistent networked intelligence operations against Norwegian interests.”
While not mentioning the firms compromised or what technology was stolen by hackers, Lunde added: “The Norwegian technology industry is where we primarily see China [infiltrate the] Norwegian network to capture information that they can use in their own technological development.” He added that military state secrets have been exploited and are now being implemented into Chinese military weaponry.
While Chinese state hackers have long been suspected of infiltrating foreign countries in order to steal sensitive data, these rare accusations from a high-ranking official are believed to be the first case of this Nato government pointing the finger directly at Beijing. While many cyber-security firms are involved with tracking threats thought to be linked with Chinese state-sponsored hackers, most stop short of claiming the government is responsible for the attacks.
The US government has, in the past, indicated that it believes China regularly infiltrates networks to steal secrets. Indeed, the two nations were involved in a cyber peace-treaty last year forced by rising tensions resulting from the hack at the US Office of Personnel Management (OPM).
Now, according to Norway’s defence minister, Ine Eriksen Søreide, the rapid changes of the cyber landscape mean it is difficult to predict what threats are likely to emerge. “The ripple effects of a changing world have long since reached us here at home. We live in a very uncertain time,” she warned. “The stability we have been accustomed to, we can no longer take for granted. Violent extremism knows no boundaries and ideologies cannot be stopped at passport controls,” she said.
Meanwhile, in an interview with SC Magazine, Snorre Fagerland, a senior researcher at the Oslo-based security firm Blue Coat, said research indicates that Chinese hackers have been active for “quite a long time”. However, he noted that proper attribution remains difficult to determine with absolute certainty.
“Chinese hackers have traditionally been negligent or indifferent to operational security. They can hack and then blog about it – [this was] more prevalent five years back,” he said. “Now they are getting better, but they still make mistakes, like when they were more careless, and some of the attribution comes from this. You can go back and look at their history, the technology, what they have done before, and even though they are quite good now, they will often do things they did back then.”
Most recently, an insider exposed the long-rumoured database project of the Chinese government set up to collate the slew of data compromised from cyberattacks into one searchable system. The source, who spoke out on condition of anonymity, claimed the Chinese government brought in a small group of “independent software developers” from the US to work alongside China’s security services to build and implement the project in 2013.