MCLC: US directly blames China for cyberattacks
Denton, Kirk
denton.2 at osu.edu
Tue May 7 08:36:59 EDT 2013
MCLC LIST
From: kirk (denton.2 at osu.edu)
Subject: US directly blames China for cyberattacks
***********************************************************
Source: NYT (5/7/13):
http://www.nytimes.com/2013/05/07/world/asia/us-accuses-chinas-military-in-
cyberattacks.html
U.S. Directly Blames China’s Military for Cyberattacks
By DAVID E. SANGER
WASHINGTON — The Obama administration on Monday explicitly accused China’s
military of mounting attacks on American government computer systems and
defense contractors, saying one motive could be to map “military
capabilities that could be exploited during a crisis.”
While some recent estimates have more than 90 percent of cyberespionage in
the United States originating in China, the accusations relayed in the
Pentagon’s annual report to Congress
<http://www.defense.gov/pubs/2013_china_report_final.pdf> on Chinese
military capabilities were remarkable in their directness. Until now the
administration avoided directly accusing both the Chinese government and
the People’s Liberation Army of using cyberweapons against the United
States in a deliberate, government-developed strategy to steal
intellectual property and gain strategic advantage.
“In 2012, numerous computer systems around the world, including those
owned by the U.S. government, continued to be targeted for intrusions,
some of which appear to be attributable directly to the Chinese government
and military,” the nearly 100-page report said.
The report, released Monday, described China’s primary goal as stealing
industrial technology, but said many intrusions also seemed aimed at
obtaining insights into American policy makers’ thinking. It warned that
the same information-gathering could easily be used for “building a
picture of U.S. network defense networks, logistics, and related military
capabilities that could be exploited during a crisis.”
It was unclear why the administration chose the Pentagon report to make
assertions that it has long declined to make at the White House. A White
House official declined to say at what level the report was cleared. A
senior defense official said “this was a thoroughly coordinated report,”
but did not elaborate.
On Tuesday, a spokeswoman for the Chinese Ministry of Foreign Affairs,
Hua Chunying, criticized the report.
"China has repeatedly said that we resolutely oppose all forms of hacker
attacks,’’ she said. ‘‘We’re willing to carry out an even-tempered and
constructive dialogue with the U.S. on the issue of Internet security. But
we are firmly opposed to any groundless accusations and speculations,
since they will only damage the cooperation efforts and atmosphere between
the two sides to strengthen dialogue and cooperation."
Missing from the Pentagon report was any acknowledgment of the similar
abilities being developed in the United States, where billions of dollars
are spent each year on cyberdefense and constructing increasingly
sophisticated cyberweapons. Recently the director of the National Security
Agency, Gen. Keith Alexander, who is also commander of the military’s
fast-growing Cyber Command, told Congress that he was creating more than a
dozen offensive cyberunits, designed to mount attacks, when necessary, at
foreign computer networks.
When the United States mounted its cyberattacks on Iran’s nuclear
facilities early in President Obama’s first term, Mr. Obama expressed
concern to aides that China and other states might use the American
operations to justify their own intrusions.
But the Pentagon report describes something far more sophisticated: A
China that has now leapt into the first ranks of offensive
cybertechnologies. It is investing in electronic warfare capabilities in
an effort to blind American satellites and other space assets, and hopes
to use electronic and traditional weapons systems to gradually push the
United States military presence into the mid-Pacific nearly 2,000 miles
from China’s coast.
The report argues that China’s first aircraft carrier, the Liaoning,
commissioned last September, is the first of several carriers the country
plans to deploy over the next 15 years. It said the carrier would not
reach “operational effectiveness” for three or four years, but is already
set to operate in the East and South China Seas, the site of China’s
territorial disputes with several neighbors, including Japan, Indonesia,
the Philippines and Vietnam. The report notes a new carrier base under
construction in Yuchi.
The report also detailed China’s progress in developing its stealth
aircraft, first tested in January 2011.
Three months ago the Obama administration would not officially confirm
reports in The New York Times, based in large part on a detailed study by
the computer security firm Mandiant, that identified P.L.A. Unit 61398
near Shanghai as the likely source of many of the biggest thefts of data
from American companies and some government institutions.
Until Monday, the strongest critique of China came from Thomas E. Donilon,
the president’s national security adviser, who said in a speech at the
Asia Society in March that American companies were increasingly concerned
about “cyberintrusions emanating from China on an unprecedented scale,”
and that “the international community cannot tolerate such activity from
any country.” He stopped short of blaming the Chinese government for the
espionage.
But government officials said the overall issue of cyberintrusions would
move to the center of the United States-China relationship, and it was
raised on recent trips to Beijing by Treasury Secretary Jacob J. Lew and
the chairman of the Joint Chiefs of Staff, Gen. Martin E. Dempsey.
To bolster its case, the report argues that cyberweapons have become
integral to Chinese military strategy. It cites two major public works of
military doctrine, “Science of Strategy” and “Science of Campaigns,”
saying they identify “information warfare (I.W.) as integral to achieving
information superiority and an effective means for countering a stronger
foe.” But it notes that neither document “identifies the specific criteria
for employing a computer network attack against an adversary,” though they
“advocate developing capabilities to compete in this medium.”
It is a critique the Chinese could easily level at the United States,
where the Pentagon has declined to describe the conditions under which it
would use offensive cyberweapons. The Iran operation was considered a
covert action, run by intelligence agencies, though many techniques used
to manipulate Iran’s computer controllers would be common to a military
program.
The Pentagon report also explicitly states that China’s investments in the
United States aim to bolster its own military technology. “China continues
to leverage foreign investments, commercial joint ventures, academic
exchanges, the experience of repatriated Chinese students and researchers,
and state-sponsored industrial and technical espionage to increase the
level of technologies and expertise available to support military
research, development and acquisition.”
But the report does not address how the Obama administration should deal
with that problem in an economically interconnected world where the United
States encourages those investments, and its own in China, to create jobs
and deepen the relationship between the world’s No. 1 and No. 2 economies.
Some experts have argued that the threat from China has been exaggerated.
They point out that the Chinese government — unlike, say, Iran or North
Korea — has such deep investments in the United States that it cannot
afford to mount a crippling cyberstrike on the country.
The report estimates that China’s defense budget is $135 billion to $215
billion, a large range attributable in part to the opaqueness of Chinese
budgeting. While the figure is huge in Asia, the top estimate would still
be less than a third of what the United States spends every year.
Some of the report’s most interesting elements examine the debate inside
China over whether this is a moment for the country to bide its time,
focusing on internal challenges, or to directly challenge the United
States and other powers in the Pacific.
But it said that “proponents of a more active and assertive Chinese role
on the world stage” — a group whose members it did not name — “have
suggested that China would be better served by a firm stance in the face
of U.S. or other regional pressure.”
This article has been revised to reflect the following correction:
Correction: May 7, 2013
An earlier version of this article gave the incorrect number for the unit
identified by a New York Times article in February as the likely source of
many of the biggest thefts of data from American companies and some
government institutions. It is P.L.A. Unit 61398, not 21398. The name of
China’s first aircraft carrier was also misspelled. It is the Liaoning,
not the Lianoning.
More information about the MCLC
mailing list