A Myrtle Beach man's mission to stop Chinese hackers
Wed, 20 Feb 2013 23:36:21 GMT
The Obama administration is launching a new strategy to fight the growing theft of trade secrets following new evidence linking cyberstealing to China's military.
The plan includes a fresh diplomatic effort to discourage intellectual property theft abroad along with better coordination at home to help U.S. companies protect themselves.
The administration said Wednesday there are indications that economic espionage is increasing.
Some of the work being done to find hackers from China is taking place on the Grand Strand.
Tracking down computer hackers in China is what Joe Stewart does every day at the Myrtle Beach-based Dell SecureWorks, and Stewart is good at it.
The hackers he looks for often use a technique called spear phishing.
That's when a hacker sends a specific user an email that looks genuine and appears to come from someone the recipient knows, but is actually malicious.
"There's a program in there that's going to run when they open it. It's going to install itself on their computer and silently start allowing the hackers a backdoor into their system to steal documents," Stewart said.
By piecing together clues left behind in emails and domain names, Stewart tracked down a hacker who used the fake names "Tawnya Grilth" and "Eric Charles" and claimed to be from the bizarrely misspelled Sin Digoo, California.
Those clues eventually led to a man named Zhang Changhe, an instructor who teaches computer security for the PLA, the People's Liberation Army in Zhengzhou, China.
That's not smoking-gun proof that the Chinese government is involved in hacking, but Stewart says it's very coincidental.
"You can say that this guy works here at this facility, that he's a teacher, but that still doesn't prove that he's taking his orders for the hacking from the government," Stewart said.
It's practically impossible to get solid evidence leading back to an individual hacker, Stewart says, and even if he could do that, it's unlikely the hacker would be prosecuted in China.
It's more important to find the hackers' cyber fingerprints and figure out how to stop them before they do more damage to our economy, Stewart says.
"We are taking a hit because companies here that are doing the innovation may not be able to profit from the ideas and I don't like to see that happen, so I like to do this."
To stop hackers, Stewart says companies have to be very aggressive and go beyond anti-virus software and firewalls.
One piece of advice he gives to his clients is to never open any email that they weren't specifically expecting.
The Associated Press contributed to this story.