It has been quite a week for those interested in cyber espionage. It began Monday with a front page New York Times article on allegations that a Chinese Army Unit was tied to espionage targeted toward U.S. companies:
Unit 61398 — formally, the 2nd Bureau of the People’s Liberation Army’s General Staff Department’s 3rd Department — exists almost nowhere in official Chinese military descriptions. Yet intelligence analysts who have studied the group say it is the central element of Chinese computer espionage. The unit as the “premier entity targeting the United States and Canada, most likely focusing on political, economic, and military-related intelligence” by the Project 2049 Institute, a nongovernmental organization in Virginia that studies security and policy issues in Asia.
On Tuesday, Mandiant, an American computer security firm, released the 60-page study on which the New York Times based much of its reporting. David Cohen offers useful analysis at The Diplomat:
There are serious implications for national security and trade policy, which experts will cover better than I can. But if true, Mandiant’s report also demonstrates a startling fact about China’s political economy – that big business has so much power that it is able to wield the country’s national security apparatus to get a leg up in contract negotiations. It is as though Goldman Sachs were able to use the wiretapping expertise of the NSA in order to get a leg up on its overseas competitors.
Mandiant argues that the work of the 61398 group has been driven by China’s drive to turn its largest State owned enterprises (SOEs) into “national champions” capable of taking on global competitors in international markets – many of its known cases focused on the strategic emerging industries, a set chosen by China’s leaders to receive enormous regulatory and market advantages. Most specific cases are unnamed, but Mandiant told Bloomberg that Chinese hackers supported CNOOC’s 2011 effort to bid for Chesapeake Energy’s natural gas division, looking through its investment bank’s files in a form of shadow “due diligence.”
Perhaps the most extravagant case is described in the New York Times story – in which, while Coca-Cola was in talks to buy China’s largest private maker of fruit juices, the 61398 group broke into its systems, evidently trying to find information about its negotiating strategy.
Read it all here. Finally, on Wednesday, the Obama Administration announced that it would up the ante on cyber espionage:
The White House threatened China and other countries with trade and diplomatic action over corporate espionage as it cataloged more than a dozen cases of cyberattacks and commercial thefts at some of the U.S.’s biggest companies.
“There are only two categories of companies affected by trade-secret theft: those that know they’ve been compromised and those that don’t know it yet,” Attorney General Eric Holder said at a White House conference Wednesday. “A hacker in China can acquire source code from a software company in Virginia without leaving his or her desk.”
A number of corporations backed the push to intensify pressure on foreign governments to combat the theft of trade secrets. John Powell, general counsel of American Superconductor, alleged at the conference that his firm’s intellectual property was stolen by its largest customer, a big China wind-turbine manufacturer, with the help of a former employee.
“It’s a real threat and it’s a really costly threat,” he said.
Read it all here. The new strategy is called Administration Strategy on Mitigating the Theft of U.S. Trade Secrets. Jack Goldsmith is not optimistic that we will see an end to the cyber arms race very soon:
In analyzing international relations, it is often fruitful to see problems from the adversary’s perspective. As Segal’s post suggests, and as China’s reaction this week confirms, from China’s perspective, the USG – with its redoubtable National Security Agency, its newly established Cyber Command, its documented successes in true cyberattacks, its publicly announced plans to enhance significantly its cyber capabilities (including offensive capabilities), its commitment to preemptive offensive measures to check serious cyber threats, and its aggressive policy of promoting online censorship-defeating tools (which the Chinese government sees as a core attack on Chinese sovereignty) – is at least as big a bully on the block.
The United States and China have for a while been engaged in a cyber arms race of sorts (though the “weapons” are various). It is an especially dangerous arms race because of its vast potential scope and because it is taking place almost entirely in the shadows. I don’t have any great solutions to the problem (compare this novel proposal by Stewart Baker, which is interesting but does not consider how China might retaliate), and my criticisms of the administration should definitely be seen in that light. But I feel pretty confident that unless and until we seek to better understand and (to some degree) to accommodate cybersecurity problems as the Chinese see them – a step that would be contrary to many American values, and thus something I do not expect to happen anytime soon – the arms race will continue, unabated, and not obviously to our net benefit.
Read it all here.
Charles A. Blanchard
General Counsel
United States Air Force