Behind China's cyber war against US

Opinion Journal:
For several years, Washington has treated China as the Lord Voldemort of geopolitics—the foe who must not be named, lest all economic and diplomatic hell break loose. That policy seemed to be ending in recent weeks, and Timothy Thomas thinks it's about time.

The clearest sign of change came in a March 11 speech by Tom Donilon, President Obama's national security adviser, who condemned "cyber intrusions emanating from China on an unprecedented scale" and declared that "the international community cannot tolerate such activity from any country." Chinese cyber aggression poses risks "to international trade, to the reputation of Chinese industry and to our overall relations," Mr. Donilon said, and Beijing must stop it.

"Why did we wait so long?" wonders Mr. Thomas as we sit in the U.S. Army's Foreign Military Studies Office, where the 64-year-old retired lieutenant colonel has studied Chinese cyber strategy for two decades. More than enough evidence accumulated long ago, he says, for the U.S. to say to Beijing and its denials of responsibility, "Folks, you don't have a leg to stand on, sorry."

U.S. targets of suspected Chinese cyber attacks include news organizations (this newspaper, the New York Times, Bloomberg), tech firms (Google, Adobe, Yahoo ), multinationals (Coca-Cola, Dow Chemical ), defense contractors (Lockheed Martin, Northrop Grumman ), federal departments (Homeland Security, State, Energy, Commerce), senior officials (Hillary Clinton, Adm. Mike Mullen), nuclear-weapons labs (Los Alamos, Oak Ridge) and just about every other node of American commerce, infrastructure or authority. Identities of confidential sources, hide-outs of human-rights dissidents, negotiation strategies of major corporations, classified avionics of the F-35 fighter jet, the ins and outs of America's power grid: Hackers probe for all this, extracting secrets and possibly laying groundwork for acts of sabotage.

China's aggression has so far persisted, Mr. Thomas says, because "it makes perfect sense to them." The U.S. has difficulty defending its cyber systems, the relatively new realm of cyber isn't subject to international norms, and years of intrusions have provoked little American response. "I think they're willing to take the risk right now because they believe that we can't do anything to them," he says. "You have to change the playing field for them, and if you don't, they're not going to change. They're going to continue to rip off every bit of information they can."

Hence the promise of Washington's apparent shift in policy. "There's something going on," Mr. Thomas says, and the Donilon speech was only one part. This month's more significant news, he argues, was the announcement that the U.S. military's Cyber Command (founded in 2009) would for the first time develop and field 13 offensive cyber-warfare teams. The Chinese "now know we are ready to go on the offense. There's something that's been put in place that I think is going to change their view."

Not that he expects Beijing to back down lightly. On the contrary, Mr. Thomas points to the literature of the People's Liberation Army to demonstrate that China's cyber strategy has deep—even ancient—roots.

The essence of China's thinking about cyber warfare is the concept of shi, he says, first introduced in Sun Tzu's "The Art of War" about 2,500 years ago. The concept's English translation is debated, but Mr. Thomas subscribes to the rendering of Chinese Gen. Tao Hanzhang, who defines shi as "the strategically advantageous posture before a battle."

"When I do reconnaissance activities of your [cyber] system," Mr. Thomas explains of China's thinking, "I'm looking for your vulnerabilities. I'm establishing a strategic advantage that enables me to 'win victory before the first battle' "—another classic concept, this one from the "36 Stratagems" of Chinese lore. "I've established the playing field. I have 'prepped the battlefield,' to put it in the U.S. lexicon."

Or, as Chinese Gen. Dai Qingmin wrote in his 2002 book, "Direct Information Warfare": "Computer network reconnaissance is the prerequisite for seizing victory in warfare. It helps to choose opportune moments, places and measures for attack." Says Mr. Thomas: "He's telling you right there—10 years ago—that if we're going to win, we have to do recon."
...
There is more.

It was a mistake to not build an offensive response much earlier.  We need a counter attack that destroys the computers where they gather the data.  It needs to be like a cyber missile defense system.  Until we do that they are going to keep on stealing data to use against us.

Comments

Popular posts from this blog

Should Republicans go ahead and add Supreme Court Justices to head off Democrats

29 % of companies say they are unlikely to keep insurance after Obamacare