For more than a decade, a relentless campaign by China to steal valuable, confidential information from US corporations flourished with barely a peep from Washington. And now it might never be stopped.
The secret online assault was well understood by the last two administrations. The programme’s scope was confirmed in a 2009 classified inquiry that discovered Chinese hackers — many of them traced to facilities connected to the People’s Liberation Army — had penetrated not only all of the corporate computer networks analysed, but also every examined computer system used by state or federal agencies.
Still, the US state department warned — as it had for years — that publicly confronting China over its online economic warfare would damage relations with Beijing, so American government statements about the hacking did not disclose the scope of China’s efforts.
It was not until Oct 2011 that the Obama administration pulled back the curtain a bit on a single page of a little-noticed public report by the office of the national intelligence executive. But that muted warning bell did nothing to slow the hacking or to create greater concern on Capitol Hill, and Washington’s demands that China rein in its hacking continued to be delivered quietly in diplomatic tête à tête.
All that changed early this year. In January, the New York Times reported that Chinese hackers had infiltrated its computers after Beijing threatened “consequences” if the newspaper published an unflattering article about the country’s prime minister.
In February, Mandiant, a security firm, disclosed that hackers from the Chinese military unit 61398 had stolen data from scores of US companies and agencies. In March, Tom Donilon, then the US national security adviser to President Barack Obama, publicly urged China to curtail its cyber activities.
Then, administration officials leaked classified details of a Pentagon report that Chinese hackers had obtained designs for scores of the nation’s most sensitive advanced weapons systems, including some critical to missile defences and combat aircraft.
China’s protests that it did not engage in hacking were waved aside by Washington, which pushed forward with a plan to publicly confront its leaders.
In May, Donilon flew to Beijing to meet senior government officials there and set the framework for a summit between Obama and Chinese President Xi Jinping; Donilon and other US officials made it clear they would demand that hacking be a prime topic of conversation.
By finally taking the step of putting public — and, most likely, international — pressure on the Chinese to rein in their cyber tactics, the administration believed it was about to take a critical step in taming one of the biggest threats to US economic security.
But it didn’t happen. The administration’s attempt to curb China’s assault on US business and government was crippled — perhaps forever, experts say — by a then-unknown National Security Agency contractor named Edward Snowden.
Snowden’s clandestine efforts to disclose thousands of classified documents about NSA surveillance emerged as the push against Chinese hacking intensified. He reached out to reporters after the public revelations about China’s surveillance of the Times’s computers and the years of hacking by Unit 61398 into networks used by US businesses and government agencies.
On May 24, in an email from Hong Kong, Snowden informed a Washington Post reporter to whom he had given documents that the paper had 72 hours to publish them or he would take them elsewhere; had the Post complied, its story about US computer spying would have run on the day Donilon landed in Beijing to push for Chinese hacking to be on the agenda for the presidential summit.
The first report based on Snowden’s documents finally appeared in The Guardian on Jun 5, two days before the Obama-Xi meeting, revealing the existence of a top secret NSA programme that swept up untold amounts of data on phonecalls and internet activity.
When Obama raised the topic of hacking, administration officials say, Xi again denied that China engaged in such actions, then cited The Guardian report as proof that America should not be lecturing Beijing about abusive surveillance.
“Snowden couldn’t have played better into China’s strategy for protecting its cyber activities if he had been doing it on purpose,” says one American intelligence official.
Snowden’s revelations quickly veered away from what he called the NSA’s “domestic surveillance state” to overseas espionage by the US. After fleeing to Hong Kong, he provided local reporters with NSA documents and told them the US was hacking major Chinese telecommunications companies, a Beijing university and the corporate owner of the region’s most extensive fibre-optic submarine cable network. That information, government officials and industry experts say, is now used by the Chinese to deflect criticisms of their hacking, both in meetings with the administration and at cyber security conferences.
The activities of the two sides, however, are vastly different in scope and intent. The US engages in widespread electronic espionage, but that classified information cannot legally be handed over to private industry. China is using its surveillance to steal trade secrets, harm international competitors, and undermine US businesses.
“Snowden changed the argument from one of ‘the Chinese are doing this, it’s intolerable’ to ‘look, the US government spies, so everybody spies’,” says Richard Bejtlich, chief security officer at Mandiant, the firm that linked hacking intrusions in America to the Chinese military.
“Of course the US spies, but none of what the US is doing is benefiting American business, and pretty much everything the Chinese are doing is benefiting Chinese businesses.”
China does not limit its computer espionage to America: All of Western Europe, Australia, Japan, and other industrialised nations have been targeted, a fact the Obama administration had hoped to leverage into unified international pressure against Beijing.
But subsequent Snowden disclosures about American surveillance of allied countries and world leaders (including German chancellor Angela Merkel) have robbed the US of the ability to persuade other countries to join it in condemning China.
“I don’t think that point is going to win the day with Angela Merkel anymore,” says Jason Healey, director of the Cyber Statecraft Initiative at the Atlantic Council, a national security think tank in Washington.
“Certainly no one cares anymore about our whining about Chinese espionage. The time we had for making the case on that is long gone. Internationally, I don’t see how we recover.”
Some security industry and former intelligence officials say they originally believed Snowden’s apparent outrage at espionage by governments might lead him to expose activities by the Chinese, who use their hacking skills not only for economic competition but to track and damage dissidents overseas and monitor their citizens.
There was good reason to believe Snowden had plenty of details about Beijing’s activities — he has publicly stated that as an NSA contractor he targeted Chinese operations and taught a course on Chinese cyber counterintelligence. While he says he turned over his computerised files of NSA documents to journalists in Hong Kong, he boasts that he is so familiar with Chinese hacking techniques that there is no chance the government there can gain access to his classified material.
But outside of US intelligence operations conducted there, Snowden has revealed nothing about surveillance and hacking in China, nor about the techniques he asserts he knows so well.
And there is plenty to disclose. The threat of Chinese espionage is so large that senator Sheldon Whitehouse, who chaired the intelligence committee’s cyber task force, proclaimed it to be part of “the biggest transfer of wealth through theft and piracy in the history of mankind”.
In its economic hacking, the Chinese go far beyond stealing information from US defence contractors. “If you have an information system connected to the internet and you have information that is of great interest to China, they probably have it already,” says Martin Libicki, a senior management scientist at the Rand Corporation who specialises in the impacts of information technology on domestic and national security.
In the last few years, dozens of companies — including some in hi-tech, energy, and finance — have reported that their computer systems were hacked and their proprietary data stolen by the Chinese government.
In 2010, for example, Google disclosed that it had been the target of an attack involving malicious software, dubbed Aurora.
The bad news on top of all the bad news? Knowing that the espionage is taking place doesn’t help much — there are no widely used technological fixes available to prevent a network infiltration.
“There’s a lack of good mitigation options in the United States in terms of stopping the attacks,” says Kenneth Geers, senior global threat analyst with FireEye, a company that specialises in protecting clients against advanced cyber attacks.
“Cyber defence is a new and immature discipline that has a long way to go.”
Despite the threat to corporate secrets, strategies, and intellectual property posed by Chinese hackers, experts say, plenty of businesses discount the threat, leaving them open to damage.
With the world raging about the NSA secrets exposed by Snowden, the threat to US companies by Chinese hacking is being ignored once again, opening up the possibility that the threat that for so many years raised so much concern behind closed doors in Washington could now grow more destructive than ever.
“It certainly seems that China is in a position to act with far more impunity because the United States and other nations are distracted by the NSA spying scandal,” says Healey.
“The American private sector was already having it bad before. Now it is only going to get worse.”
© Irish Examiner Ltd. All rights reserved