The Hill: "More congressional computers hacked from China"
Washington, Jun 21, 2008 - More Members of Congress have had their computers infiltrated by hackers within China than initially suspected, a lawmaker has revealed.
Reps. Frank Wolf (R-Va.), Chris Smith (R-N.J.), and Mark Kirk (R-Ill.) admitted to having data removed from their Capitol Hill computers last week, but Wolf says there are more.
“I’m not at liberty to say who they are, but there are other members,” said Wolf, ranking member on the Appropriations Committee’s State and Foreign Operations subcommittee.
Computers within the Foreign Affairs Committee, on which Smith serves as a senior Republican, were also infiltrated. Kirk suspects that other committees may have been attacked as well.
“I would suspect that the Foreign Affairs, Armed Services, Intelligence, (and) Appropriations committees would all be top targets,” Kirk said.
Wolf and Smith said they believe the hackers focused on them because of their continued objections to China’s human rights violations, and suspected that the hackers were looking for information on dissidents.
The computers of Wolf’s foreign policy and human rights staff, chief of staff, legislative director, and judiciary staff were all attacked.
“They got everything,” Wolf said, at a news conference.
The vast amount of information that the attacks, which occurred over the past two years, may have acquired from the computers has lawmakers concerned that the hackers may be selling it to other countries.
“China has a record of selling things to certain countries,” Wolf said.
Majority Leader Steny Hoyer (D-Md.) said he did not know the details of what information had been stolen but noted that he was very concerned.
“This is a serious matter and we’re looking into it carefully,” Hoyer said.
Alexa, an Internet information company, tracks the usage of millions of Alexa Toolbar users and ranks the traffic flow to millions of websites by the user’s country.
Internet users from China are the sixth most frequent browsers of the House’s websites, while users from Iran are the eleventh, according to the site. Iran and China tie for tenth most popular country-of-origin for visitors to the Senate’s websites.
But simply because foreigners are looking at government websites does not mean they are hacking in, as proficient hackers can easily mask their identity and their base country.
“If the Iranians are simply logging in to see what we have to say, there’s nothing wrong with that, just like if the Chinese logged in, I wouldn’t have any problem with that,” said Rep. Dana Rohrabacher (R-Calif.). “But having the secret police of China or Iran hack in to find out who has given us certain information, which we depend on for foreign policy decisions, now that’s a problem.”
James Lewis, the technology program director at the nonprofit Center for Strategic and International Studies, said that Iran does not have the sophisticated capabilities required to hack into government websites.
But in seeing such a high level of interest, as demonstrated in Alexa’s rankings, it shows that it could be in the market to purchase such information, he said.
“It shows that there’s a lot of interest in the country as to what Congress is up to,” he said. “There might be a correlation. People who don’t care about Congress aren’t going to be trying to hack into it. It’s probably safe to assume the Iranians are interested.”
The FBI asked the lawmakers not to speak publicly, fearing that if they did, they would be unable to track the IP addresses of the hackers, Kirk said.
“When you’re in the middle of a criminal investigation, you try not to alert the criminal of what’s happened so you can track it down,” he said.
Rohrabacher, a Foreign Affairs panel member, has other suspicions as to why the hacked lawmakers were asked to remain silent.
“When a U.S. corporation or government employee tells you ‘Don’t make any noise because it will make things worse,’ they’re implementing the policy of accommodation,” said Rohrabacher. “But when they start to begin to extend their oppressive tactics to our country in order to maintain the security there, that’s when they’ve gone way too far.”
House Minority Leader John Boehner (R-Ohio) said he did not know how many offices had been hacked but that the House was taking steps to address the security lapses.
“The Committee on House Administration is working with the House Information Resources people to implement addition safeguards,” Boehner said.
Smith said initially he thought his computers had a glitch or a virus of some kind but after the second time his computers crashed, he knew something was wrong. When he told Wolf about the incidents several months ago, Wolf confirmed it had happened to him as well and proposed to alert their colleagues.
One of the FBI’s highest priority is protecting the United States against cyber attacks and high-tech crimes.
“Computer systems control all critical infrastructures, and nearly all of these systems are linked together through the Internet,” Wolf said on the House floor. “This means that nearly all infrastructures in the United States are vulnerable to being attacked, hijacked or destroyed by cyber means…The potential for massive and coordinated cyber attacks against the United States is no longer a futuristic problem.”