In 2014 then-President Barack Obama tried to get serious about China’s state-sponsored hacking of American companies, which by then was already seen as a long-running problem. That year the Justice Department indicted, in absentia, five members of the People’s Liberation Army for hacking commercial secrets. A year later Mr Obama and Xi Jinping, China’s president, mutually pledged that their cyber-armies would lay off the private corporations and trade secrets of each other’s country.
Since then things have got much worse. On July 19th the Biden administration identified China’s Ministry of State Security (MSS) as the perpetrator of an attack in March on Microsoft’s Exchange email server, giving China’s hackers access to tens of thousands of networks around the world. The administration also accused the MSS of contracting with criminal hackers who have conducted ransomware attacks seeking millions of dollars, including “a large ransom request made to an American company”. The government issued an advisory calling China’s hacking a “major threat” to the security of America and its allies. And perhaps crucially, America recruited those allies to admonish China by name, something they have been typically loth to do. NATO joined America for the first time in condemning China for state-sponsored hacking; the European Union, Britain, Canada, Japan, Australia and New Zealand also issued statements calling on China to end such activity. (In one characteristic response, the Chinese embassy in Wellington, New Zealand, called the accusations a “malicious smear”.)
The tough words come without any sanctions like those imposed by America in April on Russia, after the administration accused a Russian intelligence agency of masterminding the SolarWinds hack that breached the networks of at least nine federal government agencies and more than 100 companies. In China’s case America could have sanctioned firms affiliated with the MSS, or those that have benefited from espionage; perhaps they will yet do so.
But senior officials hope to persuade allies to join America in taking some form of action collectively, under the argument that unilateral steps have little effect on China’s behaviour. Multiple indictments since the first in 2014 appear to have done nothing to slow China’s state-sponsored attacks. Nor did Mr Xi’s pledge to Mr Obama have much impact; analysts believe that instead China may have taken a brief respite, only to resume its operations with more stealth and sophistication. The scale of the attacks has become more threatening too, as the evolution of cloud-based “software-as-a-service” (such as Microsoft Exchange) makes single point-of-failure targets far richer in treasures than in the past. For all the attention devoted to the Taiwan Strait and trade tariffs, cyber-espionage may remain the most hostile and active mode of conflict between China and America—and America’s allies—for years to come.
Administration officials offered few details about the recent hack and ransomware attack. Experts say it will take months to assess the damage done by the compromise of Microsoft Exchange. The administration in recent days publicised two unrelated federal prosecutions that show a particular interest by China in maritime military know-how, of potential use in the Taiwan Strait or the South China Sea. On July 19th the Justice Department released an indictment, filed under seal in May, that charged four Chinese state security agents in absentia with economic espionage, documenting the hacking of American companies, universities and government institutions over seven years. Prosecutors allege the agents used a front company to disguise their connection to the Chinese government while stealing technology in fields ranging from Ebola research to submersibles. On July 14th a Chinese national was sentenced to three-and-a-half years in federal prison for his role in a conspiracy to illegally export “raiding craft” that can be launched from submarines and which use a special type of engine not manufactured in China.
Such prosecutions are becoming a regular occurrence. The Centre for Strategic and International Studies (CSIS), a Washington think-tank, has compiled a list of more than 150 publicly reported cases of Chinese espionage directed at America from 2000 to 2020. There were three times as many incidents in the second decade as in the first. The hackers often sought commercial or military technology.
“Cybersecurity is the arena for strategic conflict in the 21st century,” says James Lewis of CSIS. Joe Biden, he says, “takes it much more seriously than any of his predecessors”. In May the president signed an executive order on cybersecurity that directed federal agencies to secure cloud services, deploy multi-factor authentication and encryption, and improve the government’s ability to detect intrusions.
Such defensive measures will probably represent the wisest course the Biden administration can take to slow the onslaught of state-sponsored hacks. Mr Lewis, who has participated in previous negotiations with Chinese authorities over cybersecurity, believes that China can be dissuaded somewhat if America can convince its allies to take strong collective action, perhaps using the strategic campaign against Huawei as a blueprint.
With their statements on July 19th, America’s allies demonstrated an interest in supporting a “rules-based international order” in cyberspace. But some of them will take more convincing than others. Even in an optimistic scenario, Mr Lewis says, it may take years to see results. Until then, batten down the hatches.