Cyber security firm says Chinese "state actors" probed Alaska government and business networks
A report by a Massachusetts cyber security firm that asserted that Chinese hackers had targeted computers in Alaska sent officials scrambling Thursday to deny that any data was stolen.
The Massachusetts firm, Recorded Future, said it has been watching hackers at Tsinghua University in Beijing — an institution it called “elite” and which has been compared to MIT — because of penetrations of networks in Tibet, a province that China is concerned may try to become independent. The network hacks of Tibet appeared to come from “state actors” at the university, the report said.
The firm said it had “medium confidence” that Alaska attacks originated at the university too, and it cited technical internet traffic information as evidence. It said the reconnaissance was “conducted by Chinese state-sponsored actors in support of China’s economic development goals.”
A spokesman for the university quoted by the Reuters news agency denied that hackers were working on campus.
Recorded Future said the hackers greatly increased their activity as a result the trade mission to China in spring led by Gov. Bill Walker. The hackers also raised their activities when Walker traveled to Washington in an effort to head off a tariff war with China, Alaska’s largest trading partner.
“Organizations targeted by the reconnaissance activity were in industries at the heart of the trade discussions, such as oil and gas,” the report said. “The network reconnaissance activity against Alaskan organizations increased following the governor of Alaska’s trade delegation trip to China in late May.”
Recorded Future said the hackers probed state networks, principally those used by the Department of Natural Resources, and internet service providers like Alaska Communications Systems and Alaska Power and Telephone Co., which operates in Southeast Alaska and the Bush.
Heather Cavanaugh, a spokeswoman for ACS, said in a prepared statement that the company works to protect itself and its customers. But she declined to answer questions and the statement added: “We do not, however, respond with information that could be used by malicious actors to gauge the efficacy of reconnaissance and exploitation attempts.”
Kyle Sorenson, director of systems for Alaska Power and Telephone, said the report indicated the hackers did not actually break into networks.
“None of this was anything that brought up a lot of alarms — it was just the normal stuff that happens,” Sorenson said. “We always have our guard up. It’s one of the things we care a lot about.”
Walker’s spokesman Austin Baird said in a prepared statement that it’s routine for hackers to work at the entrance of the state’s networks, but not to penetrate. The efforts amount “to someone checking if the door is locked.” In this case, he added, it was.
“There is no way to tell if the activity is related to the recent trade mission to China, and a review by the Office of Information Technology has found no evidence that state networks were hacked in this instance,” the statement said.
Jesse Carlstrom, spokesman for the state-owned Alaska Gasline Development Corp., said, “There’s no indication there has been any data breach at AGDC — there’s nothing on our end that indicates a breach.” Carlstrom said the AGDC periodically tests its networks with cyber security firms “to make sure our systems are up to speed.”
And the FBI office in Anchorage said in a prepared statement that it was aware of the Recorded Future report. It said that agents regularly collaborate with the state on cyber threats. An FBI spokeswoman wouldn’t answer questions.
Zoi Maroudas, founder of Bambino’s Baby Food and a participant in the China trade mission, said state officials briefed her and others about best practices to protect their information at hotels and other places where threats may be lurking.
“There are special precautions that you take,” Maroudas said. “You do not log into your personal accounts while you’re there.”
Maroudas said she got a new computer for the trip that had no private information on it. When she back to Alaska, she sent the computer to be scrubbed to ensure that software wasn’t secretly placed on it.
“When I went to China, I had a clean computer, meaning anything that was on there, it was all the information that was already in public use.
She said an
was helpful for protecting trade secrets and customer data while traveling.