The Cyber Threat: Government Debates Cyber Counterattacks as Chinese Attacks Continue Unabated

Recent talks with Chinese delegation achieve little progress

China’s aggressive cyber espionage and military reconnaissance operations against both U.S. government and private networks show no sign of abating under the Obama administration’s policy of holding talks and threatening but not taking punitive action.

Typical of the administration’s approach has been the seemingly endless series of high-level meetings with Chinese officials, such as talks held last week in Washington to discuss “norms” of behavior in cyberspace.

For at least the past five years, President Obama and the White House have ignored appeals from security and military officials, as well as from Congress and the private sector, to show greater resolve and take some type of action against the Chinese, lest the country’s technology wealth be drained empty.

The meeting on May 11 included officials of the Senior Experts Group on International Norms and Related Issues. Christopher Painter, State Department coordinator for cyber issues, led the U.S. side, and the Chinese delegation was headed by Wang Qun, director of the Chinese Foreign Ministry’s department of arms control.

China’s appointment of an arms control official to lead their delegation shows clearly Beijing’s approach to the discussions: The Chinese, as with other communist regimes, view arms control as political warfare and a means of limiting your enemies capabilities while pretending to agree to limits on your own capabilities. The Soviets perfected this tactic in the Cold War.

The administration has been talking to China for years with little result. In fact, an earlier round of talks were cut off by the Chinese in 2014 after the Justice Department indicted five People’s Liberation Army hackers for stealing corporate data from Westinghouse, Alcoa, and other entities. China demanded the indictment be dropped, even though an actual prosecution remains extremely unlikely.

This week’s talks grew out of the summit in September between Obama and Chinese leader Xi Jinping. It was at the summit that the president was set to actually impose sanctions on China for more than five years of widespread data theft and hacking, most recently the theft of Office of Personnel Management records on 22 million federal workers. But at the last minute, Xi staved off the sanctions by merely pledging that China would end cyber economic espionage. The pledge prompted a relieved Obama, ever fearful of escalating confrontation, to back off the sanctions.

Nicole Thompson, a State Department spokeswoman, told The Cyber Threat the talks last week were the first meeting of the experts group. The talks included discussion of whether international law applies to state actions in cyber space, adopting voluntary international norms of state behavior in peacetime, and unspecified cyber confidence building measures.

Thompson declined to say whether the talks were productive or contentious, or whether any progress was made. China’s state-run Xinhua, however, said the two sides engaged in “positive, in-depth, and constructive” conversations.

We can glean from testimony before Congress by Painter, the cyber security coordinator, how the U.S. side likely approached the talks, however. Painter told the Senate a year ago that the administration wants an agreement on “voluntary measures of self-restraint,” such as promising not to attack critical infrastructure, not conducting cyber attacks on systems used to respond to cyber attacks, and cooperation on investigating cyber crime.

A final objective is for governments to shun “cyber-enabled theft of intellectual property” and giving the secrets to companies. This is what Xi promised in September and yet China has continued to ignore the accord. No one in the Obama administration at any level has called the Chinese president to account for the lie.

As the pervasive nature of Chinese cyber attacks begins to sink in and the damage revealed, the debate within government over how to respond is heating up. At the forefront is Adm. Mike Rogers, commander of the U.S. Cyber Command and director of the National Security Agency, who has lamented that the cost of entry for cyber spying remains low. He has also warned that state-sponsors of hacking face no fear of a counter attack or other punitive measures that could create a deterrent calculus for Chinese leaders. Continued inaction by the president on Chinese cyber attacks proves his point.

Asked why there has been no action against the Chinese, a White House official would not say, other than to note that “we consistently and candidly raise our concerns” with the Chinese and press them to abide by pledges not to conduct cyber attacks. “We have been clear with the Chinese government that we are watching to ensure their words are matched by actions,” the official said.

A new policy of cyber deterrence and counter cyber attacks is needed before it is too late and the high-technology wealth of the United States and its national security are squandered.

Full article: The Cyber Threat: Government Debates Cyber Counterattacks as Chinese Attacks Continue Unabated (Washington Free Beacon)

Comments are closed.