We have entering a new world, one that may well revolutionize our lives. This comes to mind in light of the report from the Mandiant Co. on Chinese efforts to hack U.S. companies.
I am not surprised that the Chinese are hacking government facilities. I would be upset if the National Security Agency and other intelligence agencies were not doing the same thing. What is surprising is the extent to which the Chinese have been hacking American and Cana-dian firms, organizations, think-tanks, newspapers — anywhere they think they can find data.
Mandiant was able to trace Chinese attacks on American and Canadian institutes to a unit of the People’s Liberation Army (PLA). Most interesting was that Mandiant not only identified the unit but traced its location to a building on the outskirts of Shanghai. Based on Mandiant’s report, the unit is staffed by hundreds of proficient English speakers.
Not surprisingly, the Chinese have cried foul and denied it. A spokesman for the Chinese Defense Ministry said, “The claim by the Man-diant Company that the Chinese military engages in Internet espionage has no foundation in fact.” The Chinese, in fact, complained that they have been subjected to cyberattacks that originated in the United States.
Why do the Chinese engage in such attacks? While studying and working in communist countries, one of the things I learned is that they have a difficult time understanding how our political process works. They often see chaos — and in some cases they are right. This is particularly puzzling to them because of the closed, structured way decision-making occurs in their countries.
The key to running a communist country is vertical control. In most cases, those at the top are in charge of the rest of the country. The point is that part of what is going on is an attempt to figure out who in America is making policy. This is one of the reasons they try to hack into think tanks. The Chinese see organizations such as Council on Foreign Relations, the Brookings Institution and the Heritage Foundation as important players in the political process so they want to understand what such people are saying and to whom.
Another reason is purely economic. The Chinese consider the United States the key world player economically and technologically (even though they own much of our national debt). What better way to speed up their drive for economic excellence than by stealing Amer-ican secrets? Mandiant said the Chinese hacked 141 companies across 20 industries and stole blueprints, business plans, pricing documents, user credentials, emails, contact lists and other information.
Our government has long been aware of China’s efforts to hack into the national security sector. Not a day goes by that the Chinese do not try a new way to hack into the Pentagon or other parts of the Depart-ment of Defense. Our national security sector works diligently to detect and combat these attacks.
It is hard for those of us who came from the world of nuclear deterrence and the Cold War to get used to the fact that the next war may be fought without bombs or bullets. It could be a cyber war in which one side attacks the other’s computer networks, closing down banking systems, power grids and information systems. Imagine what would happen if our radio and TV systems were shut down.
To build our defenses, we have pushed businesses to understand how serious the threat is and the need for them to develop appropriate cyber-security measures. Second, to his credit, President Barack Obama on Feb. 12 signed an executive order calling on federal agencies to develop voluntary cybersecurity standards for sensitive parts of the private sector and to share more intelligence with the private sector about cyberthreats.
The administration has been criticized for not getting tougher with China. It is important to note that our government has raised this issue with the Chinese military and government just about every time we have met. I am not certain what we can do. It is not as if we can just bomb the building in question.
The only meaningful response would be for our nation to build for private industry the kind of cybersecurity system we have inside the U.S. government. That, unfortunately,will be difficult at a time of severe budgetary problems,.
Dale R. Herspring, a University Distinguished Professor and a member of the Council on Foreign Relations, is a retired U.S. diplomat and Navy captain.