The press is filled with stories these days of computer intrusions and illegal electronic snooping.  Over the past couple of months we’ve had stories of a major network of computers accessing other computers around the world, including those of the Dalai Lama, stealing files and even remotely turning on webcams and microphones to see and hear what is going on.  We’ve had reports of probes of computer systems in the offices of members of the US Congress.  Within the last week or so we’ve had stories of successful efforts to access computer networks that control the US power distribution grid, with the intruders leaving behind software that could be activated in the future for nefarious purposes.  And virtually every friend of mine in the US government has tales of their agencies, including in some cases their own e-mail accounts, being probed or attacked by outside computers.  Recently I heard that a China expert at a think tank in DC has concluded that his e-mail account too is being targeted.

All of these reports have one thing in common:  China is always cited as possibly the major source for the probes/attacks.

Responsible reporting always emphasizes that it is hard to tell where these attacks originate.  Even if you trace an attack to a server in a particular country it is still possible that someone in another country is routing their attacks through this third country site.  Also, if you confirm an attack really has come from a particular country it is difficult to determine if it is the work of the government, criminal gangs, or individual hackers.

I have no special insight into the extent to which the Chinese government or individuals in China are responsible for the activity we’ve been reading about (though I’d be surprised if at least a sizable part of it does not originate in China), but I do have strong views on how to think about these issues:

­­­­­­­­­­I was US Consul General in Shanghai at the time of the EP-3 incident.  I made it a point to visit area universities in the days and weeks after that collision to meet with students to ensure that this important, intelligent, and emotional segment of Chinese society had access to the US side of the story.  At each session I was treated to a series of comments and ques­tions the main theme of which was that the students were indignant that the US flew spy planes off the coast of China.  This was viewed as an inherently hostile action.  And they often asked, “How would Americans feel if China flew spy planes off the coast of the US?”

I responded by asking rhetorically if they felt that all such activities were bad, or only those directed against China?  I quickly added that I was asking because China itself had spy planes and ships that prowled the coasts of nearby countries collecting intelligence.  It was true that, due to lack of range, these activities did not extend across the Pacific to the coast of the US, but I figured that someday it would.  Further, to my knowledge, most countries in the world conducted ­­­­­­­­similar activities.  The Soviet Union previously and Russia now conduct flights off the coast of the US.  Americans don’t like it, but accept it as normal international behavior.

Returning to the current issue of computer intrusions, I think that if we somehow magically could total up the level of activity by each government in the world in accessing foreign telecommunications and computer systems to gather information, the US would be the clear leader by an order of magnitude (or two or three).  I don’t speak from any inside knowledge of the full scope of US government activities, but just do some Google searching for stories from reputable news sources on this subject, or peruse the books by James Bamford re NSA efforts over the  years.

I am not criticizing the US government for these efforts.  I view it as a regrettable reality that governments need to undertake such activities in the dangerous world in which we live.  Since it is necessary, I am glad the US is a leader in this area (as long as the civil rights of Americans are protected).  But I do want to pose the same questions to Americans indignant about alleged Chinese efforts to enter US computer systems as I did to the Chinese students who were indignant about US spy planes flying off China’s coasts:  Are you opposed to every country in the world undertaking efforts to access foreign telecommunications and computer networks, or just ­­­­those by others against the US?  If the former, I applaud you for your consistent, though unrealistic position.  If the latter, you are a hypocrite.

I also have a few thoughts for the other actors potentially involved in this saga:

To the Chinese government:  if many of these intrusions are the work of Chinese government security agencies I suggest you fire the people involved.  The whole point of such efforts is to do these things without detection.  Otherwise, all you are doing is allowing the other guys to understand your techniques, encouraging them develop countermeasures, and generally making yourself look awful in the eyes of world opinion.

To the Russian, Indian, etc. governments:  If these attacks are coming from you but being routed through China to increase US-China frictions, give the people overseeing this program a raise.  Very creative.

To individual Chinese hackers:  if you are the ones behind these efforts you are accomplishing nothing other than damaging your country’s reputation.  You are unpatriotic slime ­­­­­­­balls and I hope power surges fry all your computers.

Final note:  I see in the press that the ­­­­­­­Administration is nearing completion of a major study on how to better protect critical computer networks in the US.  This is of course the proper focus.  Intrusions on these networks will continue, from friendly and hostile governments, from criminal gangs, and individual hackers.  In this circumstance indignation is inappropriate.  But stepped up protection is not.­­­­­­

Explore posts in the same categories: China, Internet/Media, Military, Security, Technology

2 Comments on “Insecure”

  1. LZ Says:

    Brenner said today about the fighter jet data that was breached: “The Chinese are relentless and don’t seem to care about getting caught. And we have seen Chinese network operations inside certain of our electricity grids. Do I worry about those grids, and about air traffic control systems, water supply systems, and so on? You bet I do”
    This went too far, not to mention the attack only “appeared to be” from China. Hank, do you recall countries other than China and Russia “getting caught” for similar activities in the past? what about the US government itself? how much do you think the Chinese government is offended by the immediate finger-pointing?

    • levinehank Says:

      LZ: Over the years there have been many stories in the press about other countries spying on the US and stories about the US spying on other countries. I can’t remember allegations in the press about other countries breaking into US computer networks, but my guess there are classified incidents that US intelligence agencies have in their files relating to a number of countries.

      What I find silliest about the comments in the article you quoted is the notion that the Chinese government would be trying to break into computer systems and not care if they are caught. As I noted in my original post on this subject, any intelligence agency undertaking this kind of effort does not want to be caught. It is a purely practical matter: if you are discovered the target country has gained a window into the techniques you use and can implement countermeasures. Also, the more you are caught the more it raises the security consciousness of the other guy to be careful in general. That is why for many years after its founding the existence of NSA in the US was a secret. Just to let others know that you have an organization that collects electronic intelligence is to heighten their awareness to be careful.

      I have no doubt that China’s civilian and military intelligence agencies have aggressive intelligence collection programs to include electronic intelligence. But I tend to think that large scale and repeated intrusions into US systems are more likely the work of hackers in China, for the reasons stated above. Individuals (or groups) like this don’t particularly care about being caught.

      I assume that the Chinese government (whether they are the source of the intrusions or not) is very unhappy with all the press reporting on this subject. That said, those in the Chinese government who have access to the information realize that China does have an aggressive collection effort (as does the US) so they can’t be too indignant even if some of the particular accusations are false. I suspect the impact is greater on the Chinese people, especially young intellectuals, who are nationalistic to start with. Not realizing the extent of their own government’s actual activities they may feel that any time the US accuses China of spying it is yet another example of the US trying to embarrass or harass China.

      This last point brings us back to my earlier post (and your comment) on media. If Chinese media were able to report on Chinese intelligence gathering efforts to the same extent that US media reports on US efforts, maybe Chinese people would realize that intelligence operations against other countries is just a fact of life today and that their government accepts this, and participates, along with all other major governments.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: