Where do we really go from here?
It is a question that many individuals, particularly those actively involved in military intelligence and national security, are asking in the face of the New York Times investigation into into the cyber espionage attacks it recently faced that led the uber cyber-security team Mandiant, to discover that a highly sophisticated cyber warfare scheme targeting the United States and its citizens orchestrated by the China's military has been long underway.
Obviously the possibilities of cyber warfare are endless. Understanding what is ahead of us is critical.
I am pleased to share this important article written by Matt Schiavenza and published in the Atlantic:
The New York Times' revelation that Unit 61398 of China's People's Liberation Army (PLA) systematically hacked into U.S. computer networks has emerged as the latest salvo in the increasingly contentious Sino-American rivalry. While the story presented fresh evidence of Chinese hacking -- in stunning detail -- the aftermath presents more questions than answers.
Who, exactly, authorized the attacks carried out by Unit 61398?
On the surface, this question seems fatuous and unnecessary -- the Chinese political system, like the American one, places the military under civilian leadership. However, the PLA has consistently operated with great autonomy, and there are occasionally rumors that China's political leaders don't always know what the military is doing. James Lewis, a senior fellow at the Center for Strategic and International Studies and an expert on Chinese cyber-security, put it this way: "The first time some parts of the Chinese government probably encountered this story was through reading The New York Times." Could Unit 61398 have been reporting to military, rather than political, superiors?
There is reason to be skeptical of such a scenario. The Chinese government has explicitly sought increased capability as a cyberspace power, and the hacking is consistent with this larger strategic goal. So while it is unlikely that President Xi Jinping himself authorized specific targets, it would be a major stretch to suggest that the PLA is disobeying the wishes of the civilian government by conducting these attacks.
Is China the only country that conducts cyber attacks? Why does it do it?
According to Lewis, there are five countries which stand out as having significant cyber-espionage capability: China, Russia, France, Israel, and the U.S. Capability, of course, does not mean intent, and it would be a mistake to judge all cyber attacks as equivalent. The United States, after all, famously conducted a series of attacks aimed at disrupting the Iranian nuclear program, an operation described in great and vivid detail by the New York Times' David Sanger. To say that China is the only country to launch cyber attacks against another is plainly inaccurate.
However, Adam Segal, the Maurice B. Greenberg Senior Fellow for China Studies for the Council on Foreign Relations, believes that the scale and scope of cyber conflict is greatest in China. "There's a sense of competitive metabolism there," he said, "and China has resources that the other countries lack." In terms of Beijing's relationship with the United States, cyber is an area in which China -- whose conventional military strength remains far inferior to that of the U.S. -- can gain an asymmetrical advantage over its strategic rival. Though the country continues to invest in its armed forces, China remains hemmed in by American military power in the Pacific and a string of U.S.-allied countries on its periphery, giving Beijing a strong incentive to seek any advantage it can get.
China also has motives that go beyond simple national security considerations. Since Deng Xiaoping initiated widespread reforms in 1978, Beijing has aggressively sought to acquire foreign technology and know-how as a means of developing the economy. Government efforts to foster "indigenous innovation" have yet to bear much fruit, so as a result, Lewis says, Beijing has adopted a "stopgap solution to use Western technology to get closer to their goals." The PLA's breach of commercial targets may have less to do with weakening American institutions than with strengthening Chinese ones.
How is the United States going to respond?
Just eight days ago, the Obama administration issued an Executive Order creating a voluntary program for organizations to adopt stringent cyber-security programs, evidence that the White House is hardly unaware of the threat from foreign hackers. Thus far, however, the U.S. has reacted to these threats defensively, urging companies and individuals to heighten their vigilance of possible "spearphishing" attacks, defined as those which involve embedding malicious links inside innocuous-seeming e-mails.
With news of cyber attacks increasing in frequency, there's a growing sense that the U.S. will have to respond to these provocations more forcefully. James Lewis predicts that the issue "will come to a head" this year, and that Washington will present a response that might, for example, restrict visa access for certain segments of the Chinese population. Trade sanctions, due to both W.T.O rules as well as the symbiotic nature of the Sino-American economic relationship, seem less likely but also within the realm of possibility. All said, though, short of willfully escalating tensions with China there isn't a whole lot Washington can do.
What do we learn from this story?
In the midst of what may develop into a diplomatic crisis between China and the United States, it's easy to forget that the whole story began with a simple act of journalism. Last fall, the Times published an article revealing the tremendous hidden wealth of former Premier Wen Jiabao, a self-styled "man of the people" who liked referring to himself in public as "grandpa Wen". The retaliatory Chinese hacks -- detailed here -- and subsequent Times investigation led directly to the uncovering of PLA Unit 61398.
China has long had an uneasy relationship with the Western media, often dismissing critical reports in newspapers such as The New York Times as little more than thinly veiled government attempts to discredit the country. Yet China's decision to retaliate against the foreign press has now produced unintended consequences. Had Beijing ignored last fall's Wen Jiabao story, the chain of events leading to Unit 61398 would likely never have materialized. One underlying lesson from this story is that a major news organization -- unusually concerned about its security -- is capable of potentially earth-shattering discoveries.
No matter your view, one thing is for sure: cyber espionage and the threat of cyber warfare are issues we must deal carefully prepare for.
Peter Thomas Senese
