In the cat-and-mouse days of Cold War espionage, each side seemed to understand just how far it could push.
To hear Kevin Mandia tell it, hackers from China have their own rules of engagement in their campaign to make off with American know-how.
The founder of Mandiant, a cybersecurity firm in Alexandria, has had plenty of experience hunting intruders, including helping The Washington Post repair its own breach. Mandia detailed the rules of engagement recently during testimony before a Senate Armed Services subcommittee.
“First and foremost, these attacks are against companies,” Mandia testified. “It’s to steal corporate secrets; it’s not individual secrets, necessarily.”
That might seem confusing since the attacks tend to target individuals in order to gain access to corporate networks. “They do it by sending e-mails purporting to be from someone you know ... They’re soliciting you in pretty darn good English to click on a link to see a Word document or a PowerPoint document or something that you would expect to get.”
“And just by clicking on that link or downloading or opening that attachment to that e-mail, you’re compromising yourself.”
The hackers don’t appear to be tampering with the data they find.
But make no mistake, Mandia said, they want U.S. intellectual property.
“It’s not a great leap to say that the computer intrusions to steal our IP are in fact to shortcut the [research and development] process. It’s the shortcut learning what our marketing plans are, what our sales plans are, how much we charge for things, what our road map is for products and technologies, how we build things, how we manufacture.”
It might be years before we know the true consequences: “How many jobs might we lose?” Mandia asked. “How much competitive pricing pressure might we get from exports coming out of that region?”