Sunday, June 2, 2013

China and the threat of Cyberwar

The United States has new evidence that  that China used cyber attacks to access data from nearly 40 U.S. weapons programs and almost 30 other defense technologies. That revelation has increased pressure on American lawmakers to take more effective action against Beijing –something many  of us  have  been calling for for several years now.

While we have known for years about China’s cyber espionage efforts aimed at our military and high-tech programs, the breadth of the list underscored how routine the attacks have become. And, as the U.S. looks to grow its military presence in the Asia Pacific, it heightens worries that China can use the information to blunt America’s military superiority and keep pace with emerging technologies.

A  partial list of 37 breached programs included the Terminal High Altitude Area Defense weapon — a land-based missile defense system that was recently deployed to Guam to help counter the North Korean threat. Other programs include the F-35 Joint Strike Fighter, the F-22 Raptor fighter jet, and the hybrid MV-22 Osprey, which can take off and land like a helicopter and fly like an airplane.

The report also listed another 29 broader defense technologies that have been compromised, including drone video systems and high-tech avionics. The details of the breaches were first reported by The Washington Post.

According to a defense official, the report is based on more than 50 briefings that members of the board’s task force received from senior leaders in the Pentagon, the State Department, the intelligence community, national laboratories and business. The official was not authorized to discuss the report publicly so spoke on condition of anonymity.

U.S. officials have been far more open about discussing the China cyber attacks over the past year or two, beginning with a November 2011 report by U.S. intelligence agencies that accused China of systematically stealing American high-tech data for its own national economic gain. The Pentagon, meanwhile, in its latest report on China’s military power, asserted publicly for the first time that Beijing’s military was likely behind computer-based attacks targeting federal agencies.

“In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military,” said the report, which was released earlier this month.

In Beijing on Wednesday, Assistant Foreign Minister Zheng Zeguang did not directly address the allegations, but said that China opposes all hacking and referred to an agreement with the U.S. to form a cybercrime working group.

Cybersecurity experts have for some time been urging the U.S. government to use sanctions or other punishments against China for the breaches.

The benefits to the cyber espionage are high and the costs are low, said Shawn Henry, former cyber director at the FBI and now president of CrowdStrike Services, a security technology company.

“There is no cost, there are no sanctions, no diplomatic actions, no financial disincentives,” said Henry, adding that the U.S. intellectual property losses are in the hundreds of millions of dollars. He said that the U.S. needs to have a discussion with Chinese leaders about “what the red lines are and what the repercussions will be for crossing those red lines.”

U.S. leaders, including President Barack Obama, however, have instead been using the bully pulpit to increase pressure on the Chinese to confront the problem. Obama is expected to raise the issue with China’s new leader Xi Jinping during a summit in Southern California.

Defense contractors, meanwhile, declined to say whether their systems had been breached. But recent filings to shareholders indicate these companies see intrusions as a serious risk to their business, particularly when they must rely on third-party suppliers.

It’s way past time for the United States, and our allies, to get tough with the Chinese on these cyber attacks. Red lines must be clearly laid out and serious consequences must be put I place. This problem is not going away and it represents an even bigger threat to our national security than the war on terrorism.


Live Long and Prosper....

No comments: