Threat Intelligence, Network Security

RSA 2013: Security wonks debate whether China will get the message to stop hacking

The jury is out on whether China will scale down its cyber espionage activity after the country was called out in a well-publicized report on a military hacking unit and subsequently in a White House strategy to curb trade secret theft, according to a panel of policy experts assembled Tuesday at the RSA Conference in San Francisco.

Members of the panel, titled "Cyber Battlefield: The Future of Conflict," generally agreed that the steps taken by the White House to try to limit intellectual property theft of U.S corporations and government agencies by foreign spies is a positive move, albeit one that should have happened several years ago. Plans from the Obama administration include increased diplomatic and law enforcement efforts, as well as additional private-public collaboration and the possible imposition of trade sanctions on offenders.

"I'm a big fan of at least trying," said Jason Healey, director of the the Cyber Statecraft Initiative at the Atlantic Council, an international affairs think thank based in Washington, D.C. He added that the United States could consider working with non-traditional allies, such as Russia or nations in Africa, to encourage China to clean up its act. 

Last week, forensic and incident response firm Mandiant released a 60-page report revealing the details of secret Chinese military unit 61398, the outfit believed to be behind a massively scaled data theft operation that stole of hundreds of terabytes of information from 141 organizations, primarily based in the United States. Mandiant named the group APT1. China reportedly denied the allegations and said many hacking groups exist within the United States.

Panelist James Lewis, senior fellow and director of the Technology and Public Policy Program at the Center for Strategic and International Studies, said he's visited with senior Chinese officials a number of times. Usually, they are not interested in discussing the topic of cyber snooping.

"In the U.S., military espionage is heroic and economic espionage is a crime," Lewis said. "In China, the line is not as clear...[China] is a big country. I don't think they're going to burst into tears if we say mean things about them."

But Lewis was quick to dismiss the notion that a cyber Cold War is underway. 

"They're our closest trading partner," he said.

Martin Libicki, senior scientist at RAND, a global policy consortium, said even if China technically ended economic espionage, it could still wreak havoc by justifying ts activity by compromising companies that have any connection to the U.S. military.

"Even if they are on their best behavior, they'd still be in the newspaper," Libicki said.

As far as the deterrent of bringing criminal actions against suspected Chinese hackers in the United States, Healey warned that would be a dangerous precedent to set. China could just as easily turn around and seek charges against U.S. military leaders, such as Gen. Michael Hayden for his connection to the alleged American-led eavesdropping network known as Echelon

The panel also discussed the threat posed by other countries, including Iran. While members agreed the country poses a significant threat, Healey reminded them that U.S. government actions, including the unleashing of Stuxnet, likely has prompted attacks from that country, which may include DDoS attacks against U.S. financial institutions.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.