China must admit to and stop attacks upon American business and government computer networks, President Obama's national security adviser said today (March 11).
"Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyber intrusions emanating from China at a very large scale," Thomas E. Donilon said in a speech to the Asia Society in New York.
Donilon's remarks are the first direct remarks about Chinese computer espionage by a top American official willing to go on the record. President Obama mentioned foreign hackers in his State of the Union address last month, but did not name a specific country.
Security experts have suspected Chinese spies of hacking into American networks for at least five years. The evidence has grown overwhelming in the past few months with documented attacks upon the New York Time s, Wall Street Journal and Washington Post.
"The international community cannot afford to tolerate such activity from any country," Donilon said in his speech. "The United States will do all it must do to protect our national networks, our critical infrastructure, our valuable public and private-sector property."
In the past year, reporters and researchers from the Times, Bloomberg News and the security firm Mandiant have traced cyberespionage campaigns back to single individuals in China. The individuals, when contacted, deny any part in espionage operations.
Three things
"Specifically with respect to the issue of cyber-enabled theft, we seek three things from the Chinese side," Donilon told the Asia Society.
"First, we need a recognition of the urgency and scope of the problem and the risk it poses — to international trade, to the reputation of Chinese industry and to our overall relations," he said.
"Second, Beijing should take serious steps to investigate and put a stop to these activities," Donilon added. "Finally, we need China to engage with us in a constructive direct dialogue to establish acceptable norms of behavior in cyberspace."
China's official position is that it does not engage in cyberespionage, and is instead the victim of countless cyberattacks emanating from the United States. Yesterday (March 10), the Chinese foreign minister called for international cooperation on lessening computer espionage.
Such espionage involves the threat of trade secrets to eliminate the research and development advantage enjoyed by American firms over their Chinese counterparts, as well as governmental policy secrets that intelligence agencies normally seek.
Mandiant's report also gave evidence of Chinese spies collecting information upon American power grids, water distribution systems and other pieces of critical infrastructure — exactly what U.S. officials fear might be targeted in a "cyber Pearl Harbor."
Chinese espionage attempts upon European, Russian, Japanese, Indian and Taiwanese companies and governments, as well as upon Tibetan and Uyghur separatists in exile from China, have also been well-documented.
[ 10 Top Targets for a 'Cyber Pearl Harbor' ]
Words left unsaid
The U.S. government has never been shown to engage in cyberespionage against China, but the American role in the creation and use of the Stuxnet cyberweapon that crippled an Iranian nuclear facility in 2010 is an open secret.
The U.S. government is also considered by many information-security experts to be behind the highly sophisticated Flame espionage software, which forged a Microsoft digital signature in order to infect targeted computers in the Middle East, including Iran.
As the New York Times mentioned, Donilon did not mention American efforts to undermine Iranian computer security.
China and the U.S. are economically interdependent and often work together in the international arena. Just this past Friday, the two nations jointly drafted new U.N. Security Council sanctions against North Korea after Pyongyang's most recent nuclear test.
"We have worked hard — and this has been a top priority of the president and myself over the last four years, and [former] Secretary [of State Hillary] Clinton obviously — to build a constructive bilateral relationship that allows us to engage forthrightly on priority issues of concern," Donilon said.
"The United States and China, the world's two largest economies, both dependent on the Internet, must lead the way in addressing this problem."