In its annual report to Congress detailing the capabilities of and threats from China, Pentagon officials spend dozens of pages explaining the People’s Liberation Army’s strengths and weaknesses in each area, from nuclear weapons to artillery to information warfare. It reads the way you would expect, written as it is by a committee of military officials. But buried down in the middle of the report is one paragraph that lays out the PLA’s cyber espionage activities against the Department of Defense. With that one paragraph, those few short sentences, the Department of Defense finally has publicly acknowledged what virtually every observer of the threat landscape has known for years: China is having its way with U.S. networks.
The acknowledgement from the Pentagon, in truth, feels fairly anticlimactic. It’s the equivalent of Mark McGwire admitting to using steroids–10 years after every fan in the country had already accepted that fact. At some point it becomes sort of silly to even mention it. Water is wet, ice cream is delicious and China is attacking our networks. It just is.
The interesting thing about the Pentagon’s admission of this reality isn’t the admission itself, it’s how matter-of-fact the report is about it.
“In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military. These intrusions were focused on exfiltrating information. China is using its computer network exploitation (CNE) capability to support intelligence collection against the U.S. diplomatic, economic, and defense industrial base sectors that support U.S. national defense programs,” the report says.
“The information targeted could potentially be used to benefit China’s defense industry, high technology industries, policymaker interest in US leadership thinking on key China issues, and military planners building a picture of U.S. network defense networks, logistics, and related military capabilities that could be exploited during a crisis. Although this alone is a serious concern, the accesses and skills required for these intrusions are similar to those necessary to conduct computer network attacks.”
All good points, and ll things that have been occurring for several years now. The first sentence of that assessment begins with the words “In 2012…” If you change that to 2011, 2010, 2009 or any other recent year, you could write precisely the same sentence and be just as accurate. This is an ongoing campaign. It didn’t just dawn on the PLA last year that the DoD and defense contractors might have some valuable information.
Gen. Keith Alexander, the director of the National Security Agency and head of the U.S. Cyber Command had this to say about the situation in 2011:
“Some of these are companies that are world class at security and it’s still happening to them,” Alexander said. “Our experience says those are the ones who know they’ve been hacked. For every one of those, there are hundreds who don’t know.”
What concerns security experts and military advisers about this is not so much that foreign attackers are targeting the networks of U.S. military and defense contractors; that’s been happening for decades. The real issue is that they believe this information not only is being used by the Chinese military, as you would expect, but also is being handed over to Chinese technology and defense companies to bolster their own products.
And let’s be clear: The U.S. and its allies are engaging in much of the same cyber espionage activity against Chinese networks. The difference, experts and government officials are quick to point out, is that U.S. intelligence and military agencies don’t conduct industrial espionage for U.S. companies. That may be true, but U.S. companies certainly contribute expertise and capabilities to military efforts.
The question isn’t whether this kind of activity is occurring; even the Pentagon now admits that it is. The question instead is what the Pentagon is prepared to do about it. Thus far, there hasn’t been any kind of clear plan articulated. The Obama administration has raised the issue in diplomatic talks with China, but how much effect that has remains to be seen. What is clear is that the situation isn’t going to resolve itself. Spying is spying is spying, and the Internet has just made it that much easier and less risky for those running the operations. No one is going to give back that advantage anytime soon.
Let’s not confuse hope with a plan.