Exposing China's cyber espionage campaign hasn't lessened scope, US says

'China has not reduced its cyber intrusions against the United States despite recent public exposure of Chinese cyber espionage in technical detail,' a commission set up by Congress to monitor US-China ties reported.

Carlos Barria/Reuters
The National Information Security Engineering Center, a building commissioned by the People's Liberation Army's Cyber Unit, is seen at the Zhangjiang High Technology Park, on the outskirts of Shanghai March 16, 2013. Faculty members at a top Chinese university have collaborated for years on technical research papers with a People's Liberation Army (PLA) unit accused of being at the heart of China's alleged cyber-war against Western commercial targets. Picture taken March 16, 2013.

China is “directing and executing a large-scale cyber espionage campaign against the United States” and has succeeded in targeting networks belonging to the US government, Defense Department, and private companies, according to a new government report.

These activities are designed to reap economic and strategic benefits, including providing Chinese firms with an advantage over competitors around the world, advancing research and development goals, and obtaining information for future military operations, according to the US-China Economic and Security Review Commission’s 2013 report, which was released late Wednesday.

“China has not reduced its cyber intrusions against the United States despite recent public exposure of Chinese cyber espionage in technical detail,” concluded the Security Review Commission, which was set up by Congress to report annually on the relationship between the two countries. “This suggests Beijing has decided to continue its cyber campaign against the United States.”

Such findings are not a huge surprise to cyber experts or anyone else watching the drumbeat of cyber security company reports over the past two years implicating Chinese hackers with the wholesale theft of intellectual property from US corporations – their “crown jewels.”

One of the most damning of those reports cited by the commission was a study released in February by Mandiant, a US-based cyber security company. It laid bare a wholesale multi-year cyber economic espionage campaign that it carefully linked back to an address in Beijing – a 12-story building occupied by an intelligence unit of the the People’s Liberation Army (PLA). Since 2006, the PLA’s Unit 61398 had penetrated networks of 141 organizations, including US companies, foreign governments, and others, Mandiant reported.

Eighty percent of the organizations infiltrated were located in the US or had their headquarters in the US. While cyber espionage declined for about a month from the Beijing-based groups that Mandiant was watching, it soon rebounded using different cyber techniques and malicious software.

In April, Verizon’s cyber security team reported that in 621 cases of ‘‘confirmed data disclosure” in 2012, at least 19 percent of the intrusions were espionage carried out by ‘‘state-affiliated actors.’’ Among that latter group, 96 percent were linked back to China, it found.

“The public exposure of Chinese cyber espionage in 2013 has apparently not changed China’s attitude about the use of cyber espionage to steal intellectual property and proprietary information,” said Dennis Shea, vice chairman of the commission in his prepared remarks unveiling the report. “Mitigating the problem will require a long-term and multifaceted approach.”

Recommendations by the commission to deal with the problem and moderate China’s economic cyber espionage include:

• New legislation to clarify what actions US companies are allowed to take to track intellectual property stolen through cyber intrusions

• Amending the Economic Espionage Act to permit “a private right of action” when trade secrets are stolen – including getting the information back, or even possibly taking action to damage a cyber spy’s computer systems

• Urging the White House to expedite measures that would enable the Department of Defense to more effectively limit risks associated with certain Chinese-made equipment that enter the Defense supply chain.

Other steps that could have an impact in changing China’s spying could include linking Chinese economic cyber espionage to trade restrictions; preventing Chinese firms that use stolen US intellectual property from accessing the US banking system; and creating a list of banned entities whose members would not be allowed to travel to the US.

“If I were the Chinese I wouldn’t worry about Congress doing anything about this report, which is unfortunate because congressional action is one of the best levers we have,” says James Lewis, a cyber security expert with the Center for Strategic and International Studies in Washington. “Even small symbolic actions can be influential with the Chinese. Putting names on a treasury or travel list really can have an effect. If you put Unit 61398 on a no-travel or other list, that would get global attention and make the Chinese unhappy.”

So far, however, US steps to get the Chinese to back off have been undermined by recent revelations of National Security Agency spying. In April 2013, US Secretary of State John Kerry announced that the US and Chinese governments would establish a working group to discuss cyber security. But progress in the talks has been stalled by the leaks of NSA documents by Edward Snowden, the former NSA contractor, experts say.

Since June the leaks have overshadowed those talks and China’s interest in cyber accommodation has appeared to cool, experts say.

Lewis says the chilly cyber relations are a significant bad sign. Some reports have put US economic losses of intellectual property as high as $300 billion so far.

“What leapt out of this report is that the cyber dialog has been put on hold by the Snowden revelations,” he said. “This is really a major issue for the US. Let’s not forget this is a big problem. We had the secretary of the Treasury travelling to China last week – and he didn’t raise cyber at all. That sends a signal.”

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to Exposing China's cyber espionage campaign hasn't lessened scope, US says
Read this article in
QR Code to Subscription page
Start your subscription today