
The US is hoping to shock China into talks over its industrial cyber espionage programme, says a foreign relations expert
At first glance, the US Justice Department鈥檚 31-count of five Chinese military officers for hacking into the computers of six US corporations, in order to steal billions of dollars鈥 worth of industrial secrets, seems a bit odd. No way are Beijing鈥檚 leaders going to extradite members of their elite cyberwarfare unit to stand trial in a US criminal court.
At second glance, the move still seems strange and possibly counterproductive. The United States engages in cyber-offensive operations, too. Doesn鈥檛 president Obama 鈥 who must have approved the indictment and its high-profile rollout 鈥 worry that China will strike back by revealing some secret US plots?
Advertisement
Besides, won鈥檛 this whole business endanger US-Chinese relations, and at a time when Russian president Vladimir Putin is doing his own towards Beijing? (Fostering a US-Chinese alliance against Russia makes more sense than provoking a Russian-Chinese alliance against the US.)
But at third glance, there is logic to what the Obama administration is doing, and although it鈥檚 loaded with risk, it鈥檚 on balance a good move, maybe even a necessary one.
Detailed evidence
For years, the Chinese 鈥 especially, but not exclusively, a Shanghai-based department of the People鈥檚 Liberation Army called Unit 61398 (where all of the indicted officers work) 鈥 have been hacking into the computer networks of US corporations, defence firms, and financial institutions. President Obama and a few cabinet secretaries have raised the issue in several diplomatic forums. Each time, Chinese officials have denied the charges and challenged the Americans to produce some evidence. The indictment is, in this sense, the reply: here is the evidence 鈥 and in staggering detail.
When Obama tried to spark a dialogue on the issue last June, at the in Palm Springs, California, Chinese president Xi Jinping called him out on the hypocrisy. The first leaks from Edward Snowden had just appeared, revealing that the US was hacking into Chinese networks. How, Xi asked, could Obama complain about Chinese hacking when he was hacking, too? (Of course, Xi still denied that his government was responsible for any of it.)
US officials, then and now, have drawn a distinction: China hacks into US computer networks to steal secrets and enrich its state-run corporations; the US hacks into Chinese networks only to protect national security. The Chinese and others, including many American critics, have scoffed at the fine line. First, to China, economic enrichment is national security. Second, to some, hacking is hacking is hacking.
Security secrets
In fact, though, there are real distinctions here. The Chinese cyberwarfare units don鈥檛 just hack into corporate networks for trade secrets. They also 鈥 just like their counterparts in the US, Russia, Britain, France, Israel, Iran, North Korea and other countries 鈥 hack into military and intelligence networks for national security secrets. The Obama administration is saying: the latter, the realm of traditional spying, is fair game; the former, the cyber-age equivalent of industrial espionage, is not.
For some time Obama has said he wants to negotiate 鈥渞ules of the road鈥 for this new, anarchic domain of cybertools and cyberweapons, laying out which kinds of networks are legitimate military targets and which kinds are vital to the workings of a civil, lawful society 鈥 and should, therefore, be protected (whether by treaty, international law, mutual asset, or whatever) from nation-state hackers.
Obama has made repeated overtures to the Chinese because they are the world鈥檚 most indiscriminate hackers and because the two nations have other diplomatic ties and interests; in other words, diplomacy on this issue with China is a plausible notion. The indictment is Obama鈥檚 way of turning up the pressure 鈥 and of showing just how much the US knows about what they鈥檙e doing. (The Chinese may think they鈥檝e deeply penetrated the world of US secrets; but they may not have known, till now, just how deeply the US has penetrated their own 鈥 so much so that, when they hack into American networks, US hackers see what their hackers are seeing.)
The indictment is interesting not only for the crimes it鈥檚 seeking to punish, but also for the crimes it鈥檚 letting brush by. The statutes that the Justice Department cites fall mainly under , 鈥淔raud and related activity in connection with computers.鈥 The Chinese hackers are charged under those sections of the statute that deal with gaining access to files of financial value 鈥 but not other sections that deal with damage to national security, although there鈥檚 plenty of evidence that they engage in that sort of hacking as well. An explicit decision was made to ignore that sort of hacking, to draw a distinction between military and industrial espionage.
Long history
It鈥檚 not that Obama is giving military hackers a free ride. The Pentagon spends billions of dollars a year trying to make its own networks more secure. But he recognises that this is what militaries do.
Unit 61398 made headlines just over a year ago, in February 2013, when reported, based on a study by Mandiant, a leading cybersecurity contractor, that the super-secret Chinese military unit had hacked into the newspaper鈥檚 computer networks. This was the first time many people had heard of not just Unit 61398 but of nation-state hacking as a serious problem generally. In fact, though, it鈥檚 been going on for two decades.
In autumn 1997, the US joint chiefs of staff conducted a top-secret exercise known as Eligible Receiver, in which a 25-man Red Team from the National Security Agency (NSA) 鈥 using off-the-shelf commercial equipment 鈥 hacked into the major computer networks of the Department of Defense, the military services and several US combatant commands worldwide.
The exercise spurred the first official steps to beef up the security of the military鈥檚 computers. The threat wasn鈥檛 hypothetical. When the Red Team players were hacking into the Pentagon networks, they saw traces of Russian and French hackers who were already there. (The NSA had been hacking into foreign networks, too.) Soon after the exercise, the Pentagon ordered 鈥渋ntrusion detection systems鈥 to be installed on all Department of Defense computers. Instantly, they detected hundreds of intrusions a week. The pattern continues to this day 鈥 with many nations hacking, and getting hacked, non-stop.
Vast penetration
In this sense, hacking isn鈥檛 that different from other forms of espionage through the ages. But in two ways, it鈥檚 very different. First, in the cyber-age, a nation doesn鈥檛 need to send spies abroad. Instead, with some computers and a few dozen trained specialists, it can spy remotely 鈥 and therefore cheaply. (North Korea, for instance, is said to have an excellent cyberwarfare unit.)
Second, because the internet opens into a single worldwide network, hacking into even a piece of that network opens up the possibilities of vast penetration 鈥 and destruction. Almost everything is plugged into this network 鈥 personal email, industrial secrets, household appliances and even the workings of electrical power grids, water supplies, dams: increasingly, everything.
One of the worries in new-age strategic thinking is that, in an attempt to gain leverage in an armed conflict, one side might launch 鈥 or threaten to launch 鈥 a cyber-attack that turned out the lights in a major city. It鈥檚 known that foreign cyberwarfare units are already poking around in these infrastructure networks 鈥 their digital traces have been spotted 鈥- just as US cyber-units poke around in similar networks abroad. It would be very hard to launch an effective cyberstrike that shut down, say, a power grid or some waterworks. But fundamentally, it would not be so different from a cyberstrike that disabled a newspaper鈥檚 network or hacked into a bank鈥檚 credit card records or stole a manufacturer鈥檚 trade secrets.
These worries 鈥 about the financial costs inflicted today and the possible war scenarios spun out tomorrow 鈥 are why many people involved in this field are calling for the world鈥檚 leaders to draft 鈥渞ules of the road.鈥 The Chinese, who are the most suitable collaborators on such a project, have resisted all such calls for negotiation. Maybe the indictment will shock them into a dialogue. Maybe not. It鈥檚 worth a shot.
This article first appeared in
Profile
is the Edward R. Murrow press fellow at the Council on Foreign Relations in New York and the author of The Insurgents: David Petraeus and the Plot to Change the American Way of War. He is writing a new book on the history of cyberwarfare