In 2011 the United States made acts of hacking linked directly to a nation an act of war. It was part of a 30 page strategy to deal with cyber threats but the officials stressed that not all hacks would lead to war. For an attempt to constitute an act of war it would have to threaten lives, commerce, infrastructure or worse. Oddly though most of the attacks coming out of China have targeted American companies with an emphasis on the defense industry and it can be argued successfully that that affects commerce yet for the most part the White House has remained quiet on state sponsored hacking.
A highly detailed 60 page report released Tuesday by Mandiant, an American cyber-security group, was able to track China’s most sophisticated hacking group known around the world as “Comment Crew” to an area encircling a PLA unit’s headquarters. The army headquarters is for China’s ever expanding cyber force. The report makes it very clear that most of the attacks on American corporations and government organization’s originate from that headquarters even if Mandiant was unable to directly place the hacks inside the building. “Either they are coming from inside Unit 61398,” said Kevin Mandia, the founder and chief executive of Mandiant, in an interview last week, “or the people who run the most-controlled, most-monitored Internet networks in the world are clueless about thousands of people generating attacks from this one neighborhood.”
A classified National Intelligence Estimate released to all American national security organizations recently also indicated that most of the hacking groups within China are state-sponsored and work directly for army officers or commands like P.L.A. Unit 61398 which was implicated in the Mandiant report. Even with a government report out linking the hacks to the Chinese Army the White House refuses to assign blame to China while insisting that it takes cyber-security seriously.
The White House said it was “aware” of the Mandiant report, and Tommy Vietor, the spokesman for the National Security Council, said, “We have repeatedly raised our concerns at the highest levels about cybertheft with senior Chinese officials, including in the military, and we will continue to do so.”
Last week President Obama signed a directive that opens the door for the government to share all its collected data on Chinese hacking signatures with internet providers and according to administration officials they plan to raise the issue of hacking with China’s new leader. The New York Times quoted a frustrated American intelligence official as saying “they’re huge diplomatic sensitivities here”. The largest of those sensitivities is likely to be the amount of money we borrow and need from China.
The United States is also afraid of looking like a hypocrite since it employs world class hackers as well and not just for defensive purposes. The Stuxnet virus unleashed on Iran did severe damage to their nuclear program and later spread to other computers outside of Iran. The U.S. government operates under much stricter rules than China however and intelligence officials point out that we hack governments whereas China hacks everything. For example the PLA unit named in the recent report is responsible for the theft of terabytes of Coca-Colas internal data.
One unnamed defense official said “In the cold war, we were focused every day on the nuclear command centers around Moscow.” “Today, it’s fair to say that we worry as much about the computer servers in Shanghai.”
The United States has a responsibility to protect its citizens and its corporations from all forms of hacking but especially state sponsored attacks that will lead to theft of intellectual property, national secrets and potentially lead to war. If the United States takes cyber-security as seriously as they say they do they will use this report as an excuse to take the gloves off when it comes to China and their military attacks on our nation.
In 2011 the phrase uttered by a military official after hacking was made an act of war was widely publicized likely in an effort to ward of China but now it’s time we follow through. “If you shut down our power grid, maybe we will put a missile down one of your smokestacks.”