China syndromeChina's sustained cyberattacks on U.S. are an economic, strategic threat

Published 16 June 2011

China has been engaged in a sustained guerrilla cyber war against the United States, with two goals in mind: first, stealing research and development, software source code, manufacturing know-how, and government plans; second, to counter American military superiority by threatening to damage the underpinning of the U.S. economy; that Congress and the administration do nothing in the face of these cyber assaults is puzzling

Richard Clark, former terrorism adviser to presidents Bill Clinton and George W. Bush, offers a grim analysis of China’s systematic cyberattacks on U.S. commercial enterprises, government networks, and the country’s critical infrastructure assests.

He points to a few recent examples to illustrate his point:

  • Three years ago the head of MI5 wrote to hundreds of U.K. companies to alert them to the fact that their companies had been likely hacked by the government of China
  • The Aurora attack against Google in 2009 also targeted many other IT companies — allegedly including Adobe, Juniper, and Cisco – in an effort by China to gain access to these companies’ source code
  • In the Night Dragon cyber assault campaign, Chinese hackers went after major oil and gas companies around the world
  • The German government says that the personal computer of Chancellor Angela Merkel was hacked by the Chinese government
  • Australia has said its prime minister was targeted by Chinese hackers
  • Recently the computer-security company RSA was infiltrated by an intrusion which appears to have stolen the secret sauce behind the company’s SecureID. SecureID system is used to protect critical computer networks
  • This month, the largest U.S. defense contractor, Lockheed, was subject to cyberespionage, apparently by someone using the stolen RSA data.
  • The U.S. electric power grid had been hacked. U.S. researchers found that the hackers created secret openings, allowing the attacker to get back in with ease

The sustained attacks on commercial enterprises inflict economic damage on the United States, says Clark. “Beijing is successfully stealing research and development, software source code, manufacturing know-how and government plans. In a global competition among knowledge-based economies, Chinese cyberoperations are eroding America’s advantage,” he writes.

The attacks on government networks, defense contractors, and government networks are aimed at providing China with a strategic parity with the United States. That China is behind these attacks is not in question. “Cyber criminals don’t hack defense contractors — they go after banks and credit cards,” Clark notes. Adding:

There is no money to steal on the electrical grid, nor is there any intelligence value that would justify cyber espionage: The only point to penetrating the grid’s controls is to counter American military superiority by threatening to damage the underpinning of the U.S. economy.

In light of this, Clark concludes, the passivity both the administration and Congress are puzzling – and disturbing.