The sophistication and relentlessness of these "advanced persistent threat" cyber attacks has convinced intelligence agencies on both sides of the Atlantic that they must have been state-sponsored. NATO has warned its top officials about the dangers of being impersonated on social networking sites, and awarded a £40 million contract to a major defense company to bolster security at the organization's headquarters and 50 other sites across Europe. A NATO official confirmed that Stavridis, who is the Supreme Allied Commander Europe (Saceur), had been targeted on several occasions in the past two years: "There have been several fake Saceur pages. Facebook has cooperated in taking them down… the most important thing is for Facebook to get rid of them."
The official added: "First and foremost, we want to make sure that the public is not being misinformed. Saceur and NATO have made significant policy announcements on either the Twitter or Facebook feed, which reflects NATO keeping pace with social media. It is important the public has trust in our social media."
NATO said it was now in regular contact with Facebook account managers and that the fake pages were usually deleted within 24 to 28 hours of being discovered. Finding the actual source in cases such as these is notoriously difficult, but another security source said: "The most senior people in NATO were warned about this kind of activity. The belief is that China is behind this."
Stavridis, who is also in charge of all American forces in Europe, is a keen user of social media. He has a genuine Facebook account, which he uses to post frequent messages about what he is doing, and where. Last year he used Facebook to declare that the military campaign in Libya was at an end.
The threat posed by Chinese cyber activity has been causing mounting concern in the U.K. and the U.S., where it is judged to be a systematic attempt to spy on governments and their militaries. They also accuse Beijing of being involved in the anonymous theft and transfer of massive quantities of data from the west. In a surprisingly pointed report to Congress last year, U.S. officials broke with diplomatic protocol and for the first time challenged China directly on the issue. The National Counterintelligence Executive said Chinese hackers were "the world's most active and persistent perpetrators of economic espionage".
It said China appeared to have been responsible for "an onslaught of computer network intrusions". The report also claimed that Chinese citizens living abroad were being leaned on to provide "insider access to corporate networks to steal trade secrets". The use of moles was, it said, a clear exploitation of people who might fear for relatives in China.
Security analysts in Washington said they believed China had undertaken comprehensive cyber-surveillance of the computer networks that control much of America's critical infrastructure. This has stoked a political debate on Capitol Hill, where Democrats and Republicans are locked in an ideological battle about how to tackle cyber threats. President Barack Obama wants to introduce regulation to ensure companies are taking them seriously, but that approach is opposed by Republicans, including Senator John McCain.
James Lewis, a cyber expert from the Center for Strategic and International Studies thinktank in Washington, said the time for dithering had passed. "We know that Russia and China have done the reconnaissance necessary to plan to attack U.S. critical infrastructure," he said. "You might think we should put protection of critical infrastructure at a slightly higher level. It is completely vulnerable."
Shawn Henry, an executive assistant director at the FBI, told the Observer that the agency was dealing with thousands of fresh attacks every month. "We recognize that there are vulnerabilities in infrastructure. That's why we see breaches by the thousand every single month," he said. "There are thousands of breaches every month across industry and retail infrastructure. We know that the capabilities of foreign states are substantial and we know the type of information they are targeting."
The department of homeland security has been tasked by the White House with countering the cyber threat, but without making people lose confidence in the web. Its senior counselor for cyber-security, Bruce McConnell, said: "The internet is civilian space. It is a marketplace. Like the market in Beirut in the 1970s, it will sometimes be a battleground. But its true nature is peaceful, and that must be preserved."
Intellpuke: You can read this article by The Observer's correspondent Nick Hopkins, reporting from Washington, D.C., in context here: www.guardian.co.uk/world/2012/mar/11/china-spies-facebook-attack-nato