Sydney Morning Herald
In the most detailed account yet of the cyber spying, a report this week by the Mandiant security firm said it traced back attacks by one group of hackers to a building on the outskirts of Shanghai that houses a unit of the People's Liberation Army.
The report said the hackers, known as "APT1" or "Comment Crew", had stolen data from at least 141 organisations across 20 industries.
The New York Times Caucus blog
explains how far the public comments have gone and got nowhere:
Asked on the ABC News program “This Week” whether he believed that the Chinese government and military were behind the economic espionage, Mr. Rogers (House Intelligence Committee chairman) replied, “Beyond a shadow of a doubt.”
He said the attacks were illegal and unprecedented in scope, and that the United States was not currently able to protect American companies from them.
“We’re not ready yet,” he said. “We are completely vulnerable to this.”
Mr. Rogers suggested that the United States use not just economic sanctions on those responsible but also to take tough action against specific Chinese individuals.
Put these two together and you’ll see a few problems-
1. The PLA is being directly accused of cyber theft
2. There’s no way of taking “tough action” against anyone without some cooperation from the Chinese government
3. The ramifications of any sanctions would inevitably be a global trade war, with serious economic consequences.
There’s another side to this issue, and if Beijing and the US don’t want to talk about it or even think about it, it’s quite understandable.
The fact is that information is a valuable commodity. Targeting, acquiring and “repurposing” intellectual property doesn’t necessarily have anything to do with politics, the PLA or the US government. It’s a huge global industry, and some information can quite literally be worth billions of dollars. Is anyone supposed to seriously believe that China’s huge internet presence doesn’t include a few options for doing some entrepreneurial freelancing? The market for information is gigantic. These hackers could get very rich, and very influential.
They could also get real power. Corporate information is pretty grim stuff. It’s a range of information including a lot of materials which have potentially infinite uses, including blackmail which could compromise a lot of people. Even in America’s pure as the driven snow financial sector a lot of information is ultra-sensitive. Individuals in sensitive areas, particularly security and military, can be just as easily targeted.
Let’s start with the United States issues- Complaining about cyber theft alone is like complaining about a bullet after it’s hit someone. The theft is one problem. The damage itself is a vast number of other problems. Controlling the damage is the issue that’s not being mentioned. Does that make a lot of sense, in context with the size and scope of the problems?
Another point- In the intelligence community, what you know about what the other guy knows is truly critical information. It’s also a good indicator of sources. You can figure out where they got the information. The US has apparently been able to find out which information has been sourced. Why advertise to the world that you know what the other guy knows?
What’s really fascinating is that China is trying to look indifferent about a range of cyber skills which can also be used internally. If these hackers can hit anywhere on Earth, what can they do in China itself? Beijing is a tough place, and a very tough place when information that’s supposed to be secret can be accessed.
The PLA may well be a reliable organ of the government, but “government” in China’s very complex range of political and business relationships is a pretty vague term. Who knows what may well be very tricky indeed. It’s absurd to think that China doesn’t need a working intelligence agency, but it’s even more absurd to think that this agency, like most intelligence communities around the world, doesn’t have its own agenda.
Rogue intelligence operators aren’t exactly a new thing. The KGB, CIA, MI6, Mossad and many others have had insiders working for either themselves or other parties. Why would the PLA be different? China’s problem is that if the Chinese government is for some reason actually unaware of illegal operations carried out without its authorization, it also can’t know the full scope of what’s being accessed.
I doubt very much if the senior people in Beijing could possibly that naïve. They may, however, be being given the information they want, but also be to some degree unaware of any other information being obtained. Figures indicate massive activity across the world, and keeping track of that much information isn’t easy. It’s particularly difficult if the people getting the information are also experts at hiding it.
The public version of the issue is way too simplistic. It’s not a case of US vs. China. It’s a case of intelligence which can affect both parties in many ways vs. the best interests of both countries.
It’s not in the interest of the US to make assumptions, let alone accusations, regarding an extremely complex issue. It’s not in China’s interests to simply assume that Beijing is being given all the facts, either. There are real risks here for both sides, and simply assigning innocence or guilt really isn’t good enough.