The Washington Times - Thursday, August 6, 2009


“Gentlemen do not read each other’s mail.” With that, Secretary of State Henry Stimson dismantled the U.S. government’s only code-breaking capability on the cusp of World War II.

Today, in the era of the Internet, gentlemen know that other gentlemen are reading their mail, messing with their mail, putting viruses in their mail, and pretty much having their way with their mail.

Even so, China’s cyberexploits are in a league of their own.

In March, Canadian researchers reported that China had infiltrated computer systems in 103 countries, ranging from embassies to factories. The sweeping electronic spy network acquires vast quantities of data through precision strikes, and leaves behind malware capable of positive control over the computer’s audio recording functions — a sort of stay-behind eyes and ears in the room.

This news has made people sit up and take notice, but not because China’s cyberactivities were unknown to government observers. The really startling development is that a private research group was able to see so deeply into China’s operations, and then go public with its findings.

In fact, the Canadian report is only the latest public peek under the tent of Chinese cyberespionage. In the last two years, the Indian, Belgian, British and German governments, among others, reported intrusions into their servers and networks emanating from China. German Chancellor Angela Merkel’s public caution to China “to respect the rules of the game” fell on deaf ears.

Here at home, computer intrusions originating in China have had government security experts working furiously around the clock. All U.S. national weapons laboratories, Pentagon computers, communications systems and other sensitive networks have been barraged by China-based cyberintruders. Add the legions of human spies out stealing secrets and technology for China (including the prolific Dongfan Chung, convicted last month after 27 years of espionage that netted sensitive data on the space shuttle, Delta IV rocket, B-1 and B-52 bomber, F-15 fighter, and Chinook helicopter programs) and the counterintelligence picture that emerges is grim.

U.S. spokesmen are careful to say that Chinese government sponsorship of these cyberattacks cannot be proven and thus should not be presumed. Still, it is difficult to see how global cyberespionage could be orchestrated from within China without government involvement, if not direct control. A government that can — and has — cut off all access to YouTube overnight, and closely monitors all domestic Internet traffic for “subversive” content, is surely not a mere bystander in the world’s largest cyberring being run from Chinese soil.

But espionage is only part of the story.

In April, the Wall Street Journal reported that Chinese and other cyberintruders have penetrated America’s electric-power grid and implanted software that could be used to disrupt the country’s power supplies. In Britain, intelligence and security services warn that Chinese-produced components integrated into British Telecom’s network could be exploited to disable Britain’s communications and utilities. (Who needs stealthy intrusions when a low contract bid will suffice?)

What has been Beijing’s response? Deny all, make counteraccusations, and do not cooperate in investigations. And this seems to be working.

Constructive engagement has become the one-size-fits-all answer. The lure of China’s vast markets and the money to be made has many in the U.S. business and industry sectors fawning over Chinese officials who can make or break those deals. Our mutual dependence, the argument goes, is the ultimate guarantee that dark fears of cyberdisruption will never come about.

Then why are the Chinese investing so much time and treasure mapping our networks, testing capacity limits and engineering assured access? Meanwhile, it is business and industry that have the most at stake if the information systems that undergird the global economy become conduits for stealing proprietary information and putting daily operations at risk.

President Obama has put the wheels in motion to reorganize government to secure cyberspace, and the search is on for a high-level cybersecurity coordinator. Still, new organizations can only get us so far. You will know the administration is serious about cybersecurity when it starts naming names and calling foreign leaders to account.

The more difficult question is, how can we gain the upper hand on an intruder that is already through the door? There is an answer, but you won’t find it in the president’s cyberplan.

U.S. counterintelligence needs to get inside the attacker’s wide-ranging intelligence operations to find out what they are doing and how they are doing it, in order to stop them, confuse them, and otherwise tip the scales in our favor. Our adversaries understand the advantages of linking cyberexploits to clandestine human and technical intelligence operations as part of a strategic plan of attack; the U.S. response needs to be equally seamless, purposeful and strategically coherent.

We have a national counterintelligence strategy to do just that, to go on the offense against foreign intelligence threats. Unfortunately, with national leadership distracted and individual agencies guarding their turf, it has never been implemented.

Gentlemen, may a lady suggest that now would be a good time to start?

Michelle Van Cleave was head of U.S. counterintelligence under President George W. Bush and assistant director of the White House Office of Science and Technology under Presidents Reagan and George H.W. Bush.


