The Chinese government is issuing ludicrously unconvincing denials of the report issued by the Internet security firm Mandiant that a specific unit of the People’s Liberation Army—Unit 61398 based in an office-building in Shanghai–is responsible for many of the worst cyber attacks on American companies and governmental agencies. “Chinese military forces have never supported any hacking activities,” a spokesman for the Chinese defense ministry said at a press briefing. “The claim by the Mandiant company that the Chinese military engages in Internet espionage has no foundation in fact.”
Uh right. And if you believe that then no doubt the spokesman also has some nice swampland near Shanghai to sell you.
There is in fact little doubt of the Mandiant report’s veracity because it tallies with so many other findings from many other sources–including the U.S. intelligence community—about China’s very active computer hacking program which is at the core of its aggressive campaign of economic espionage. What really makes these activities especially chilling is this revelation in the New York Times referring to a hacking team called the Comment Crew which is believed to be PLA-sponsored: “While Comment Crew has drained terabytes of data from companies like Coca-Cola, increasingly its focus is on companies involved in the critical infrastructure of the United States — its electrical power grid, gas lines and waterworks. According to the security researchers, one target was a company with remote access to more than 60 percent of oil and gas pipelines in North America.”
This strongly suggests that the PLA is not only intent on stealing secrets for China’s economic advantage. It is also, by all indications, preparing for the possibility of war with the United States at which time it could well set off previously planted “cyber bombs” that will blow up key infrastructure nodes, potentially plunging American cities into darkness, shutting down transportation networks, and so forth.
The question is what to do about all this? Chinese activities are offensive, dangerous and intrusive, but they are not a formal act of war as previously understood. So what should be the American response?
For a start the U.S. needs to stop respecting Chinese sensibilities by not being afraid to “name and shame” the perpetrators of these attacks, however much outrage it will cause in Beijing. Bringing such activities into the public light may well lead China to calculate that the public humiliation is not worth the price paid.
Assuming, however, that such cyber-attacks continue, a stiffer response could be warranted: namely retaliation in kind. If it is not already going on, it should be—the National Security Agency should be penetrating Chinese networks as aggressively as they penetrate ours to send a clear signal that two can play at this game. Only if we achieve a degree of deterrence will the Chinese government ultimately be convinced that such activities are too costly to engage in.
"For a start the U.S. needs to stop respecting Chinese sensibilities by not being afraid to “name and shame” the perpetrators of these attacks, however much outrage it will cause in Beijing." n n"the National Security Agency should be penetrating Chinese networks as aggressively as they penetrate ours to send a clear signal that two can play at this game." n nBecause if there is one thing this administration has made clear, it's that they walk softly and carry a big… eh, nevermind…
Ok, but I’d like to know more about who Mandiant are, and their credibility.
I think it best to name and shame INDIVIDUALS as much as possible, to make it an absolutely terrifying proposition to be a Chinese hacker–I imagine a concept somewhat similar to Israel's assassination campaign against Iranian nuclear scientists, but one mostly psychological. (I think casual reference in passing the best way to acknowledge the menace otherwise. An exception to that would be with a trade body that could punish China for violations–ideally, such a body would have provisional membership and provisional tiering. I can't name one specifically like this that exists… then again, I can't name most "trade bodies.") n nThere could be a fascinating "privateer" element to our cybersecurity against these individuals–we all know this is a smaller step than those taken by Russia and China and even Iran, who actively equip attackers in this field. n nOtherwise, planting cyber bombs of our own is a great deterrent–and it's possibly something we should be doing anyway, by virtue of China being an ambitious nuclear power. The only other thing I can think of is to prepare extensively for a cyber-Pearl Harbor, perhaps going so far as to make mobile infrastructure elements to be off-grid and that could return the grid to functioning quickly.
Cyber war is going on as we discussing it, nothing new in getting info from potential enemy or even friend, the most clever win, we are and must continue to be the one.