Cyber experts say calling out China may be working

SINGAPORE >> After years of quiet and largely unsuccessful diplomacy, the U.S. has brought its persistent computer-hacking problems with China into the open, delivering a steady drumbeat of reports accusing Beijing’s government and military of computer-based attacks against America.

Officials say the new strategy may be having some impact.

In recent private meetings with U.S. officials, Chinese leaders have moved past their once-intractable denials of cyber espionage and are acknowledging there is a problem. And while there have been no actual admissions of guilt, officials say the Chinese seem more open to trying to work with the U.S. to address the problems.

“By going public the administration has made a lot of progress,” said James Lewis, a cybersecurity expert at the Center for Strategic and International Studies who has met with Chinese leaders on cyber issues.

But it will likely be a long and bumpy road, as any number of regional disputes and tensions could suddenly stir dissent and stall progress.

On Wednesday, China’s Internet security chief told state media that Beijing has amassed large amounts of data about U.S.-based hacking attacks against China but refrains from blaming the White House or the Pentagon because it would be irresponsible.

The state-run English-language China Daily reported that Huang Chengqing, director of the government’s Internet emergency response agency, said Beijing and Washington should cooperate rather than confront each other in the fight against cyberattacks. Huang also called for mutual trust.

President Barack Obama is expected to bring up the issue when he meets with China’s new president, Xi Jinping, in Southern California later this week. The officials from the two nations have agreed to meet and discuss the issue in a new working group that Secretary of State John Kerry announced in April. Obama’s Cabinet members and staff have been laying the groundwork for those discussions.

Standing on the stage at the Shangri-La Dialogue security conference last weekend, Defense Secretary Chuck Hagel became the latest U.S. official to openly accuse the Chinese government of cyber espionage — as members of Beijing’s delegation sat in the audience in front of him. The U.S., he said, “has expressed our concerns about the growing threat of cyber intrusions, some of which appear to be tied to the Chinese government and military.”

But speaking to reporters traveling with him to the meeting in this island nation in China’s backyard, Hagel said it’s important to use both public diplomacy and private engagements when dealing with other nations such as China on cyber problems.

“I’ve rarely seen that public engagement resolves a problem, but it’s important,” he said, adding that governments have the responsibility to keep their people informed about such issues.

The hacking issue also featured prominently over two days of meetings between the U.S. Chamber of Commerce and a leading Chinese trade think tank in Beijing.

“This is arguably the single most consequential issue that is serving to erode trust in the relationship,” said Jeremie Waterman, the chamber’s executive director for greater China. “Over time, it could undermine business support for U.S.-China relations.”

According to Lewis and other defense officials familiar with the issue, China’s willingness to engage in talks with the U.S. about the problem — even without admitting to some of the breaches — is a step in the right direction.

Cybersecurity experts say China-based instances of cyber intrusions into U.S. agencies and programs — including defense contractors and military weapons systems — have been going on since the late 1990s. And they went along largely unfettered for as much as a decade.

A recent Pentagon report compiled by the Defense Science Board laid out what it called a partial list of 37 programs that were breached in computer-based attacks, including the Terminal High Altitude Area Defense weapon, a land-based missile defense system that was recently deployed to Guam to help counter the North Korean threat. Other programs whose systems were breached include the F-35 Joint Strike Fighter, the F-22 Raptor fighter jet and the hybrid MV-22 Osprey, which can take off and land like a helicopter and fly like an airplane.

The report also listed 29 broader defense technologies that have been compromised, including drone video systems and high-tech avionics. The information was gathered more than two years ago, so some of the data are dated and a few of the breaches — such as the F-35 — had already become public.

According to U.S. officials and cyber experts, China hackers use gaps in software or scams that target users’ email systems to infiltrate government and corporate networks. They are then often able to view or steal files or use those computers to move through the network accessing other data.

Chinese officials have long denied any role in cyberattacks and insisted that the law forbids hacking and that their military has no role in it. They have also asserted that they, too, are often the victim.

Cyber experts say some of the breaches that emanate from Internet locations in China may be the product of patriotic hackers who are not working at the behest of Beijing’s government or military but in independent support of it.

The Chinese government’s control of the Internet, however, suggests that those hackers are likely operating with at least the knowledge of authorities who may choose to look the other way.

U.S. officials have quietly grumbled about the problem for several years but steadfastly refused to speak publicly about it. As the intrusions grew in number and sophistication, affecting an increasing number of government agencies, private companies and citizens, alarmed authorities began to rethink that strategy.

They were pressed on by cybersecurity experts — including prominent former government officials — who argued that using cyberattacks to steal intellectual property, weapons and financial data and other corporate secrets brought great gain at very little cost to the hackers. The U.S. government, they said, had to make it clear to the Chinese that continued bad behavior would trigger consequences.

In November 2011, U.S. intelligence officials for the first time publicly accused China and Russia of systematically stealing American high-tech data for economic gain.

That was followed by specific warnings about Chinese cyberattacks in the last two annual Pentagon reports on China’s military power. And in February, the Virginia-based cybersecurity firm Mandiant laid out a detailed report directly linking a secret Chinese military unit in Shanghai to years of cyberattacks against U.S. companies. After analyzing breaches that compromised more than 140 companies, Mandiant concluded that they can be linked to a unit that experts believe is part of the People’s Liberation Army’s cyber command.

The change in tone from the Chinese leaders came through during recent meetings with Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, and has continued, according to officials and experts familiar with more recent discussions with Chinese leaders.

Still, experts say that progress with the Chinese will still be slow and that it’s naive to think the cyberattacks will stop.

“This will take continuous pressure for a number of years,” said Lewis. “We will need both carrots and sticks, and the question is when do you use them.”