Analysis: Can naming, shaming curb cyber attacks from China?

Reuters News
|
Posted: Jun 03, 2011 3:48 PM
Analysis: Can naming, shaming curb cyber attacks from China?

By Paul Eckert

WASHINGTON (Reuters) - Targets of pervasive Chinese cyber attacks hope the latest breach of Google email will spark a robust U.S. response but Washington may find it hard to pin precise blame on China and cannot go too far against a key economic and diplomatic partner.

An aggressive stance is the only thing that forced China to budge on problems like counterfeiting or trade barriers, proponents say. Skeptics worry about adding another contentious issue to fraught ties with a major U.S. creditor and say a smoking gun is hard to put in Beijing's hand.

Google Inc said on Wednesday it disrupted a "phishing" campaign aimed at stealing passwords of hundreds of Google email account holders, including senior U.S. government officials, Chinese activists and journalists.

Without saying the Chinese government was behind the breaches, Google said the attack appeared to originate in Jinan, a city linked to previous cyber attacks, drawing an angry denial from China's foreign ministry.

State Department spokesman Mark Toner said on Friday the United States has asked Beijing to investigate Google's latest allegations. He declined to say whether Washington believes Beijing may have had a hand in the alleged hacking attack.

U.S. agencies and organizations who work on China said the Google attack is just one example of a pervasive challenge.

The working assumption at one U.S. government economic agency was that "the Chinese can pretty much hack anyone they want any time they want," said a government aide, speaking on condition of anonymity because of the delicacy of the issue.

A business lobby official, who said his group's email accounts were under "constant attack" by Chinese phishing schemes of growing sophistication, applauded Google's move.

"China needs to be held accountable and naming and shaming might be the most effective option to curb Chinese behavior," said the official.

OBVIOUS AND RELENTLESS

Chinese entities are not the only cyber warriors or spies lurking on the Internet, where Russian and Eastern European criminals prowl for bank and credit cards details and mostly Western "hactivists" spread political messages or flaunt their skills.

But malicious attacks originating from China are often obvious: No other state pays much attention to Chinese dissidents, Falun Gong activists or Tibetan exiles.

They are also relentless, said Nick Levay, associate director of information security and operations at the Center for American Progress, a Washington thinktank

"Those who have been targeted by China have dealt with a certain level of persistence and seen these attacks take place over long periods of time, where all signs point back to China and it really feels like they're not even trying to hide that it's them anymore," he said.

A decade ago, most cyber attacks originating in China targeted the Pentagon and U.S. arms makers. U.S. experts generally suspect but have not formally alleged that what Lockheed Martin Corp described as a "tenacious" attack on its networks on May 21 originated in China.

Evolving U.S. defense policy is moving toward treating cyber attacks as acts of war to be met with military retaliation but analysts said this is aimed at devastating blows to infrastructure -- not the hacking of email accounts.

Levay said Chinese cyber attacks noticeably escalated after the 2008 Beijing Olympics and "expanded pretty much across all sectors: the financial sector, the tech sector, the non-profits involved in government policy."

WHERE AND HOW TO COMPLAIN?

The recent Google email attacks appear to be the work of the People's Liberation Army's Jinan-based technical reconnaissance bureau or the Ministry of State Security, said former military intelligence officer Larry Wortzel.

"The question you have to ask is: Who or what entity in China has an interest in former U.S. government officials and journalists?' That's the security apparatus," said Wortzel, a member of the U.S.-China Economic and Security Review Commission that advises lawmakers on policy.

Wortzel and other experts say going public will help.

"So far when breaches occur, like the ones with Google, the people who were breached condemn the attacks and say they were attributable to China and China turns around and denies that anything happened at all," said Levay.

"So far there hasn't been a downside for them (China)," he said, suggesting that cyberspace be made a formal part of military dialogue between the United States and China.

Defense Secretary Robert Gates met Chinese Defense Minister General Liang Guanglie at the annual Shangri-La Security Dialogue in Singapore on Friday but did not discuss the recent cyber attacks on Lockheed Martin and Google email accounts, U.S. officials aid.

"What you want to weigh is, in the larger context of the relationship, is this particular incident worth raising and where do you raise it," said James Lewis, director of the Technology and Public Policy Program at the Center for Strategic and International Studies.

"Given how parlous and how fragile the (military-to-military) talks are, is it better for (Gates) to bring it up or is it better for the State Department, which has consistently been hitting China on their restrictions on Internet freedom, to bring it up?"

China is likely to wave off the complaints for now, said legal and technology experts, because it remains hard to identify and prosecute specific culprits in cyber attacks, even if their home country is clear.

(Additional reporting by Andrew Quinn, Doug Palmer and David Alexander in Singapore; Editing by John O'Callaghan)