House Intelligence Committee Blasts China for Cyber Espionage
The U.S. must confront leaders in Beijing about the cyberattacks emerging from China and do more to shore up domestic cybersecurity, members of the House Intelligence Committee said at a hearing Tuesday. They said the attacks have increasingly targeted businesses to the detriment of the U.S. economy and competitiveness abroad.
Sign up for a free preview to unlock the rest of this article
Timely, relevant coverage of court proceedings and agency rulings involving tariffs, classification, valuation, origin and antidumping and countervailing duties. Each day, Trade Law Daily subscribers receive a daily headline email, in-depth PDF edition and access to all relevant documents via our trade law source document library and website.
"China’s economic espionage has reached an intolerable level and I believe that the United States and our allies in Europe and Asia have an obligation to confront Beijing and demand that they put a stop to this piracy,” said Chairman Mike Rogers, R-Mich. He added that the need to shore up America’s cyberspace “will be met with legislation very soon.” Ranking Member Dutch Ruppersberger, D-Md., agreed: “We are being attacked in an aggressive way by China and possibly Russia and other countries. And yet we really have not pulled together the government and the private sector to really do the things that need to be done: to educate the public and to start protecting our country.” A representative of the Chinese embassy in Washington had no comment.
Cybersecurity experts said the attacks coming from Asia and Eastern Europe pose a significant threat to the U.S. “As a professional intelligence officer, I step back in awe of the breadth, depth, sophistication and persistence of the Chinese espionage effort against America,” said Michael Hayden, principal of the Chertoff Group and ex-director of the National Security Agency and of the CIA. “We classify attacks in two ways -- it’s either Asia-Pacific attacking us or it’s Eastern Europeans attacking us,” said Kevin Mandia, CEO of Mandiant, a cybersecurity contracting firm. “With Eastern Europeans generally it feels criminally motivated -- it’s to make money the short way. The Asia-Pacific intrusions seem to be more low and slow, very sophisticated, very persistent, harder to remediate and we see commonalities among those attacks.”
The recent cyberattack on RSA, a provider of secure electronic encryption, was definitely launched by a country, said RSA Chairman Arthur Coviello, who didn’t name the nation. “Our conclusion especially in our discussions with law enforcement is that this could not have been perpetrated by anyone other than a nation state.” The RSA attack was the result of a zero-day malware exploit embedded in a Microsoft Excel spreadsheet file in emails sent from a compromised organization, Coviello said. RSA employees unknowingly clicked the file that exploited a previously unknown vulnerability in an Adobe software product. “This was a very sophisticated attack,” Coviello said. “There were some elements of an advanced persistent threat we hadn’t seen before. This was one of the first times there was a combined attack from two sources that came from the same opening. It was a compound attack that made it even that much more difficult to discover.”
Providing more and better cybersecurity resources to federal agencies will go a long way to improving the effectiveness of security across government, said Mandia. “Time and time again we talk to government agencies and they are sick of getting C, D, and F grades from Congress and feeling helpless, powerless to do something about it,” he said. “I think if Homeland Security was given enough resources to help agencies with best practices that would be great.” He said that “building more in the way of public/private partnerships to share information” is something “I think Homeland Security can do more. But they can only do that if they have more resources with which to do it,” he said. A GAO report issues Monday revealed “significant weaknesses” in many federal agencies’ cybernetworks, saying it was largely due to their failure to implement information security programs (WID Oct 4 p3).
Rep. Mac Thornberry, R-Texas, who heads the bipartisan cybersecurity task force, said the group will release its recommendations Wednesday, and offered some hints as to what it may include. “One of the important things to do is to make it easier for companies to share information with each other and with the government. And there are laws that make that hard if not impossible,” he said. “Something that would make sense is correcting and updating some of those laws to facilitate the sharing of information so you can get a common operating picture, so that you can have information brought together so that actions can actually be taken on it.”
In the meantime American citizens must have a “serious conversation” about balancing their online privacy with the demands of modern intelligence collection, said Hayden. The NSA, CIA, DHS and other agencies tasked with protecting domestic cybersecurity must be able to access all communications in order to monitor and secure cyberspace, he said. “All communications are out there in a common network and targeted signals coexist with protected signals. We want NSA to protect us, but we don’t want NSA out there being present where our own communications are flowing,” Hayden said. “We are going to have to have a serious chat.”