An East Coast cybersecurity firm said Thursday that Alaska computers were the target of reconnaissance by Chinese hackers before, during and after an Alaska trade mission to the country.
That trade mission, led by Gov. Bill Walker, was intended to boost Chinese interest in Alaska products and relationships, including the proposed trans-Alaska natural gas pipeline.
According to the firm, Recorded Future, “The network reconnaissance activity against Alaskan organizations increased following the governor of Alaska’s trade delegation trip to China in late May. Organizations targeted by the reconnaissance activity were in industries at the heart of the trade discussions, such as oil and gas.”
Recorded Future made the revelation as part of a report on the activities of hackers based at Tsinghua University, the Chinese equivalent of the Massachusetts Institute of Technology. The report concluded, “We assess with medium confidence that the network reconnaissance activities we uncovered were conducted by Chinese state-sponsored actors in support of China’s economic development goals.”
The analysis was first reported by Reuters on Thursday morning.
The section of Recorded Future’s report devoted to Alaska indicates that IP addresses associated with Tsinghua made more than 1 million connections to networks in Alaska between April 6 and June 24. Walker’s trade delegation was in China between May 19 and May 26.
Computers belonging to Alaska Communications, the Alaska Department of Natural Resources, Alaska Power and Telephone, TelAlaska, and the governor’s office were all scanned for vulnerabilities.
Alaska Communications spokeswoman Heather Cavanaugh said by email that the company is not willing to discuss the incident but is “serious about cyber security.”
“We do not, however, respond with information that could be used by malicious actors to gauge the efficacy of reconnaissance and exploitation attempts,” she wrote.
In a subsequent email, she said the company would “absolutely let customers know if their data was compromised.”
Alaska Communications focuses on telecoms support for business and government services. Its Alaska competitor, GCI, was not mentioned in the Thursday report, and a spokeswoman said the company didn’t see anything unusual.
Jesse Carlstrom, a spokesman for the Alaska Gasline Development Corporation, said the state-owned corporation developing the gas pipeline was not named as a target and doesn’t discuss its specific security measures.
“I can say that AGDC does utilize top-of-the line security systems,” he said by phone, and added that the company performs regular “penetration testing” to judge its vulnerability to hacking.
There is no indication that information was accessed or taken from any Alaska computers; it appears to be the electronic equivalent of rattling doorknobs and examining closed windows.
In a prepared statement, Walker press secretary Austin Baird said the scan wasn’t anything out of the ordinary.
“In this day and age, it is critical for any business or government to take cyber security seriously, whether conducting business online, close to home, or overseas. The State of Alaska, like most state governments, routinely has anonymous activity on the perimeter of our networks that amounts to someone checking if the door is locked,” he wrote by email. “That is the sort of activity referenced in a recent blog post from Recorded Future. It is not unique, nor would we draw conclusions about its timing or source. There is no way to tell if the activity is related to the recent trade mission to China, and a review by the Office of Information Technology has found no evidence that no state networks were hacked in this instance.”
According to a timeline of the Chinese activity, the scans began soon after Walker announced on March 5 that he would lead the delegation to China. Activity subsided for a time, picked up before Walker arrived, declined while the delegation was in the country, then surged after the delegation left the country.
“The spike in scanning activity at the conclusion of trade discussions on related topics indicates that the activity was likely an attempt to gain insight into the Alaskan perspective on the trip and strategic advantage in the post-visit negotiations,” the report states.
Alaska was not the only target of scans: according to the report, Tsinghua computers also examined organizations in Kenya, Brazil, Mongolia, Germany and Tibet.
• Contact reporter James Brooks at jbrooks@juneauempire.com or 523-2258.
