Hacker claims breach of Chinese defense contractor
Wed Apr 4, 2012 6:19pm EDT
By Joseph Menn
(Reuters) - A hacker has posted thousands of internal documents he says he obtained by breaking into the network of a Chinese company with defense contracts, an unusual extension of the phenomenon of activist hacking into the world's most populous country.
The hacker, who uses the name Hardcore Charlie and said he was a friend of Hector Xavier Monsegur, the leader-turned- informant of the activist hacking group, LulzSec, told Reuters he got inside Beijing-based China National Import & Export Corp (CEIEC).
He posted documents ranging from purported U.S. military transport information to internal reports about business matters on several file-sharing sites, but the authenticity of the documents could not be independently confirmed.
The Beijing company, better known by the acronym, CEIEC, did not respond to a request for comment. U.S. intelligence and Department of Defense officials had no immediate comment.
CEIEC's website says the company performs systems integration work for the Chinese military.
Cyber-spying, both economic and political, is a growing concern for companies and governments around the world. The Chinese government is often accused of promoting, or at least tolerating, hacking attacks aimed at Western targets. But Chinese institutions have rarely been publicly identified as victims of such attacks.
Hackers associated with LulzSec have largely targeted Western defense contractors and law enforcement, although some of their attacks may have been driven by FBI informants. LulzSec is a spin-off of Anonymous, an amorphous collective that uses computer break-ins to promote social causes and expose what members see as wrongdoing by governments and corporations.
Hardcore Charlie said in email and Twitter conversations with Reuters that he had worked with others to crack the email passwords that got him inside CEIEC.
In particular, the hacker said he worked with an associate who calls himself YamaTough on Twitter, another former ally of Monsegur who recently released stolen source code for old versions of security products made by Symantec Corp (SYMC.O).
YamaTough had also been involved in an incident in which fake documents, purportedly from Indian military intelligence, were mixed with genuinely purloined documents, raising the possibility Hardcore Charlie had pursued a similar strategy in posting the alleged CEIEC documents.
Hardcore Charlie described himself as a 40-year-old Hispanic man in a country close to the United States. He said he did not have strong political leanings, but was concerned the Chinese company had access to material about the U.S. war effort in Afghanistan, as some of the documents suggest.
He said he planned to "explore" the computer networks of other Chinese companies.
(Reporting by Joseph Menn in San Francisco; additional reporting by Mark Hosenball in Washington; editing by Jonathan Weber and Andre Grenon)