Biofuel firm's computers attacked

China source of at least 63,000 attempts, company says

This photo shows photobioreactors located at Algenol's commercial development campus in Fort Myers, Fla. The photobioreactors are plastic bags of algae which are fed carbon dioxide and salt water. The algae, through Algenol’s patented technology, produces ethanol, gasoline, diesel, and jet fuel for around $1.27 per gallon, according to the company. Algenol officials say company computers have been attacked millions of times in recent months, including more than 65,000 attempts from IP addresses used by China's People's Liberation Army. Illustrates ALGENOL (category f), by Steven Mufson (c) 2014, The Washington Post. Moved Friday, July 11, 2014. (MUST CREDIT: Courtesy of Algenol)

About 16 months ago, a Florida-based biofuel company called Algenol noticed that its Internet service was slowing down.

In checking it out, Jack Voth, Algenol's information technology chief, stumbled on something odd: a telnet connection to its videoconference camera from an Internet Protocol address in China -- a country where Algenol has never sought to do business.

That was only the beginning. Ever since, Algenol has been on high alert for what Voth describes as "nefarious activity." The company now estimates that hackers have attempted to break into its computers 39 million times in four months this year, triple the level of a year earlier.

The most serious of these were more than 63,000 attempts that came directly from China, including 6,653 attempts over 15 months from IP addresses and servers that Algenol says are the same as the People's Liberation Army addresses identified in a public report by Mandiant, a leading computer security firm.

Another Internet trail led Algenol to Aliyun Computing, the cloud computing subsidiary of Alibaba, one of the most powerful online commerce and retail giants in China. Interest in the company is running high because it is set to launch what may turn out to be the largest initial stock offering in U.S. history.

Alibaba says Algenol mischaracterized ordinary Internet traffic as attacks.

What makes a small company in Florida so interesting to cyberspies? Algae.

It's not usually the stuff of trade secrets, but Algenol, a company with about 125 employees, is developing technology that converts algae biomass into transportation fuels, including biodiesel and gasoline -- all while consuming the greenhouse gas carbon dioxide rather than producing it. Algenol's work would interest anyone who wants to curb climate change. As the Chinese government tries to limit the hazardous pollution that has upset its citizens, it has set out to increase biofuel production tenfold.

That might be enough incentive for Chinese cyberspies.

"This is not at all unusual. China has made the decision to focus on alternative energy as a topic of industrial espionage," said James Andrew Lewis, a cybersecurity expert at the Center for Strategic and International Studies.

He said the Chinese government and state-owned enterprises have targeted trade secrets for soap, house paint and wooden furniture. "It doesn't have to be about national security," Lewis said.

Algenol isn't alone in its battle against Chinese computer attacks. In May, the Justice Department indicted five members of the Chinese military on charges of hacking into computers and stealing trade secrets from leading steel, nuclear-power and solar-power firms. China's Foreign Ministry spokesman Qin Gang said in a statement that the charges were "purely ungrounded and absurd," adding that the United States had "fabricated facts" in the indictment.

Algenol chief executive Paul Woods said little has changed following the indictments and expressed frustration about the rising tide of attacks. Hacking attacks come from many countries, he says, and are mostly efforts to steal credit-card information. Chinese hackers, by contrast, tend to target trade secrets and unique technology.

"What are you going to do? Sue them in a Chinese court? You have no recourse," said Woods, adding that the Justice Department indictments would not touch the alleged culprits or change behavior and were "a joke."

Algenol, which hasn't built a large-scale plant, has spent hundreds of thousands of dollars on technology to protect its computers, but the volume of attacks -- not only from China, but also from the United States, Germany, Russia and Taiwan -- has made it impossible to track all the sources and log complaints with them.

Just sorting out the connection between the attacks and Alibaba quickly turned Byzantine.

Alibaba rejected Algenol's characterization of the attacks. Even so, the company -- after learning about Algenol's complaint through The Washington Post -- took action to shut down traffic from one server that had been hijacked by unknown users to break into other computer systems.

Algenol executives said they weren't accusing Alibaba itself of trying to pilfer its technology, but both companies said that stopping such behavior was part of Alibaba's responsibility.

Algenol's real expertise isn't its computer technology. It lies in a field in Fort Myers, Fla., where the company is letting thousands of plastic bags of algae bake in the sun. The company pumps carbon dioxide and some brackish water into the bags and produces four transportation fuels -- ethanol, gasoline, diesel and jet fuel. Woods says it can do this for about $1.27 a gallon thanks to proprietary techniques.

The process works in two steps, first producing ethanol from the algae and then converting the spent algae biomass into biodiesel, gasoline and jet fuel.

The Canadian-born Woods and a Mexican businessman initially invested $70 million in the venture a few years ago after the price of oil surged past $50 a barrel. In 2009, the Energy Department tapped money under the economic stimulus program and gave Algenol a $25 million grant. India's Reliance Industries later invested more.

China has made the search for commercial biofuels a priority.

Internet security experts say that some Chinese individuals or entities are trying to take a shortcut to acquiring biofuel technology, including converting algae to fuel.

Mandiant has traced "advanced, persistent threats" to a cyber-espionage unit of the People's Liberation Army -- the second bureau of the general staff's third department. Voth said the IP addresses and servers he tracked were the same as the ones in the Mandiant report.

Jen Weedon, manager of threat intelligence at FireEye, which acquired Mandiant in December, said FireEye had identified 25 Chinese groups engaged in cyber-espionage.

"We've seen six of those 25 pursue companies involved in biofuels," she said, all of them tied to intelligence agencies, the military, other parts of the government or government contractors. "The biofuels industry fits squarely in what they call strategic emerging industries."

Algenol's battle shows the difficulty that ordinary companies have in keeping information safe or even in identifying their attackers.

Algenol executives did not know that Aliyun was the cloud computing part of Alibaba, and they never tried to make contact. Instead, Algenol focused its efforts on fending off rather than reaching out.

The attacks don't necessarily mean that Aliyun or its parent Alibaba was launching the attacks. Aliyun rents server space to customers and helps them store information in the cloud.

After inquiries from The Washington Post, Algenol shared information about the hacking attacks with Alibaba. Woods said Algenol gave Alibaba 232 IP addresses that accounted for 16,670 hacking attempts.

That set off three weeks of talks.

Alibaba initially told Algenol that it had blocked access from its server to Algenol and that the company would "continue to investigate who hijacked their computers, and inform local police with any evidence," Woods said in an email.

Alibaba then sent an email asking for more information -- but its note was trapped in Algenol's spam filters, Wilkinson said after talking to Voth. After the phone call, Voth said he provided a list of 2,000 alleged attacks over the previous 30 days, which is as long as Algenol archives the log of information from its server.

In the end, Alibaba said in a statement that it had conducted "a record-by-record analysis of every log and piece of data Algenol provided," and that it provided Algenol "numerous specific instances where the data they provided us was mischaracterized by their systems."

As an example, Alibaba said Algenol's computers mistook inquiries about Alibaba marketing email sent to two former Algenol employees as attacks.

The company, however, did say it shut down a server after discovering that one customer's "virtualized server had been compromised, and that there was evidence that the server had been used as a botnet host to scan for other vulnerable hosts on the Internet." A botnet is a network of malicious software planted on computers.

Voth, though, is not convinced. He disputed Alibaba's explanation about the marketing emails to employees who left Algenol four years ago.

"If you got 10 security guys in a room and asked them to give their opinion on an attack, you'd get 10 different opinions," Voth said. "We have our opinions, they have theirs."

SundayMonday Business on 07/14/2014
