Chinese Regime’s Hacking Sparks Talk of Retaliation
Possible responses range from more engagement to dealing out punishment
Created: February 27, 2013
Last Updated: February 27, 2013
News Analysis
The Chinese Communist Party has been hacking the United States for over a decade, but only recently has the matter received sustained, public focus by policymakers.
Pushing the issue into the spotlight recently was the publication of a detailed report by the cybersecurity firm Mandiant, which showed massive infiltration of American computer systems by a unit of the People’s Liberation Army.
The report immediately sparked chatter of payback in Washington.
On last Sunday’s “This Week” program on ABC News, for instance, Mike Rogers, chairman of the House Intelligence Committee, said that the Chinese military were behind the attacks “beyond a shadow of a doubt.” He advocated denying visas to individual hackers.
Soon after Mandiant’s 60-page report was made public, the Obama administration published a document about protecting intellectual property (though the PRC was not mentioned.)
No administration official has talked publicly about what sort of action the United States could take against the Chinese regime’s hacking army—though plenty of ideas are percolating.
One school of thought, and which for a long time has been the dominant one, says that the government needs simply to talk more with China, and persuade the regime that it is in its interests not to send cyberspies into American computer systems.
“We’ve observed in the last week an emerging coalition in government, business, and public opinion. What I’m hoping is that this will give the U.S. government greater leverage in discussions with China, to deepen dialogue, and expand it and include the PLA,” Christopher Johnson, a China expert at the Center for Strategic and International Studies, said after a recent panel in Washington.
Whether the PLA could be brought to the table, or whether promissory notes to stop hacking—something that the Communist Party loudly denies—would be forthcoming, is another matter.
The administration has engaged in dialogue with the PRC for years about cyber-attacks, yet the intrusions reached a crescendo last year.
One of the aphorisms of network security experts, sometimes attributed to Dmitri Alperovitch, a founder of the security firm CrowdStrike, has become: “There are two kinds of Fortune 500 companies: those that know they’ve been hacked, and those that don’t yet know.”
Experts estimate that tens of billions of dollars in intellectual property has been siphoned by Chinese hackers, which have penetrated the communications of think tanks, newspapers, government offices, universities, and all varieties of corporations.
Given the vast damage that has already been inflicted, another approach to the problem says that the time for talk is through, and now it’s time for the United States to do something.
The idea that the United States should retaliate, either through cyber or other means, in an attempt to force the PRC to rein in its hacker army, is still contentious.
“The problem is, then you get into tit-for-tat, which is where no one wants us to be,” Johnson said. Besides, he added, “We don’t do these things. We don’t commit economic espionage.”
Journalist and author on security issues, Ralph Peters, in an opinion article in the New York Post, wrote that the American government has “stunning, close-held capabilities to respond with punishing cyber-strikes of our own. We have the intelligence. We have the targets. But the order never comes.”
He added, “Playing defense doesn’t cut it. The Chinese won’t throttle back until they feel pain. Serious pain.”
Also in the response school is William C. Triplett, a longtime China analyst and author most recently of “Bowing to Beijing.” You don’t simply say “please stop” to the Chinese regime, he said, “unless you accompany it with a laugh track.”
The issue, according to Triplett, is to respond in a way that gets the attention of top Party leaders and makes them stop hacking, without crossing the line into seriously escalating the dispute or committing sabotage.
PRC efforts have, so far, remained at the level of espionage: collecting intellectual property with which to boost economic development in China. But along with stealing the technology, Communist Party intelligence agencies are acquiring the high-tech tools to wage real war. Some reports indicate that in other attacks, the PRC has attempted to gain access to the vendors of computer control systems for critical infrastructure in the United States—and analysts say that such penetration could also be used, for example, to paralyze U.S. power grids in a real combat scenario.
A critical issue for Triplett in considering any kind of retaliation would be to not disrupt the actual people of China—but targeting the regime is another matter entirely.
That leads to a variety of colorful other ideas for how to force the hands of Communist Party decision makers in China: denying visas, closing down consular offices (under the guise of long term “maintenance”), intrusive and simultaneous tax investigations into major Chinese companies in the United States, leaking evidence of Party-led human rights violations, or making immigration and banking difficult for the sons and daughters of the Party leaders. All those methods have the virtue of targeting the Communist Party and the interests of its top cadres directly, without exposing the wider public to any harm.
The overriding logic of the U.S.’s relationship with the PRC since Nixon normalized relations in 1972 has been one of “engagement.” The basis of this view is that the PRC will benefit from being integrated into the established international order—with the implicit assumption that its interests also align with that order.
“The current framework doesn’t work. Engagement has created the very thing we sought to avoid, which is an aggressive, belligerent Chinese regime,” says Gordon G. Chang, an author and consultant on China. “We’ve got to change track.”
Rep. Eliot Engel of New York, the ranking Democrat on the House Foreign Affairs Committee, also appeared on the ABC News program recently, alongside Mike Rogers. He said that after confronting a number of Chinese officials with the evidence of hacking, “They just let it roll off their back. They pooh-poohed it.”
Chang reached to the oft-quoted line by James R. Lilley, a storied American CIA operative and later diplomat to China, “You won’t get anything from them unless you squeeze them.” The kind of squeezing that would be most effective is a matter of debate. But so far, talking hasn’t been enough, says Chang.
“People in Washington still want to engage the regime, and they think that these measures would undercut our ability to have cooperative relations,” Chang said. “But in my view they would help, because the Chinese need to feel some pain before they’re willing to have normal relations.”
chinareports@epochtimes.com
No comments:
Post a Comment
Comments always welcome!