WASHINGTON (Reuters) - The Defense Department is aware that Internet traffic was rerouted briefly through China earlier this year, a Pentagon spokesman said on Friday, referring to what a congressionally appointed panel has described as a hijack.
The U.S.-China Economic and Security Review Commission charged in its annual report on Wednesday that state-owned China Telecom advertised erroneous network routes that instructed “massive volumes” of U.S. and other foreign Internet traffic to go through Chinese servers during an 18-minute stretch on April 8.
Marine Colonel David Lapan, a Defense Department spokesman, told reporters, “We’re aware that on the 8th of April ... Internet traffic was rerouted through China.”
He added at one point that he did not know if “we’ve determined whether that particular incident ... was done with some malicious intent or not.”
Moments later, he said there was no evidence that anything malicious had occurred, a position he repeated when pressed about the discrepancy in his remarks.
The U.S.-China Commission in its 2010 report said the incident affected traffic to and from U.S. government and military sites, including those for Secretary of Defense Robert Gates’ office, the armed forces and some commercial websites.
In Beijing, China’s Foreign Ministry on Friday condemned the commission’s report on China’s military capabilities and economic policies, saying it distorted reality and was symptomatic of Cold War thinking.
China Telecom separately has denied the charge that it “hijacked” U.S. Internet traffic by sending false notifications that prompted other servers to route traffic through China on the assumption that it was the most efficient path.
The commission said the evidence did not clearly show whether the incident was perpetrated intentionally “and, if so, to what ends. However, computer security researchers have noted that the capability could enable severe malicious activities,” the report said.
Commissioner Larry Wortzel, a retired U.S. Army colonel who served two tours as a military attache in China, told reporters that the incident could have let someone mine email addresses and then send authentic-looking messages bearing attachments with malicious code or other harmful software.
“When I see things like this happen, I ask: ‘Who might be interested in all the communication from the entire Department of Defense and the federal government? It’s probably not a graduate student from Shanghai University,’” Wortzel said on Wednesday.
Lapan, the Pentagon spokesman, said the Defense Department’s internal networks would not have been affected by any improper rerouting of traffic through Chinese servers.
“We do have tools to protect any of the traffic that goes outside” the internal networks, he added, referring to encryption and devices that warn when Internet traffic is being rerouted.
Senator Sheldon Whitehouse, who led a Senate Intelligence Committee cyber task force that submitted a classified report to the panel in July on cyber threats, said on Wednesday that certain threats cannot be countered without the U.S. government’s unique “authorities and capabilities.”
In a Senate floor speech, the Rhode Island Democrat reiterated a proposal to create a “dot.secure” domain to protect crucial U.S. services such as power grids, financial networks, transportation and communications hubs.
“We simply cannot leave that core infrastructure on which the life and death of Americans depends without better security,” Whitehouse said.
The U.S.-China Economic and Security Review Commission was set up in 2000 to examine the security implications of growing economic ties with China.
Dean Cheng, an expert on Chinese security issues at the conservative Heritage Foundation, said the alleged Internet hijacking appeared to be part of what he described as a disturbing pattern of aggressive Chinese cyber activities.
“All of this suggests that, from China’s view, a global conflict is already underway - in the virtual world of cyberspace,” he wrote. “The ability to redirect vast amounts of data constitutes a threat, not only to national security, but also to private companies and individuals, as their information, too, has now been put at risk.”
Reporting by Jim Wolf, additional reporting by Paul Eckert, editing by Matthew Lewis