February 21, 2013

Mandiant Drops Bombshell on China

Print More

Just as it seemed relations between the United States and China were mellowing following the 2010 currency devaluation clash, tensions picked up this week after the cybersecurity firm Mandiant released a report implicating the Chinese government for being behind a series of security breaches against American companies.

“We probably kicked the hornet’s nest,” acknowledged Kevin Mandia, founder and CEO of Mandiant. “[But] tolerance is just dwindling. People are tired of the status quo of being hacked with impunity, where there’s no risk or repercussion.”

With some industry leaders speculating the federal government may have encouraged the release of Tuesday’s Mandiant report, the Obama Administration released its own statement on Wednesday — a detailed 150-page assessment of cyber security efforts including a call to apply “sustained and coordinated diplomatic pressure .  . . ” The proposal has received some criticism for being too tepid and likely ineffective in changing China’s behavior, in part because the Administration is largely constrained by clearly communicated Chinese denial of the allegations and the threat of losing leverage in other areas of diplomatic negotiation between the two powers.

Cybersecurity has become a growing priority in the public and private sectors, and turning a blind eye to foreign perpetrators could have disastrous results. The term “hacking” refers to exploiting weaknesses in computer systems and is commonly achieved through “spear phishing” through which downloaded email attachments unleash hard-to-detect trojan horse software that allow perpetrators access to confidential information. The Mandiant report claims attacks on over 100 U.S. companies originated from a facility in Shanghai and that the Chinese People’s Liberation Army Unit 61398 was directly involved. The report also sheds light on some of the personas of the hackers, including “DOTA” and his or her admiration for Harry Potter novels. Whether true, incomplete, or fabricated, the Mandiant report is another reminder of the dangers of weak cyber defense — including the risk of having a country’s power grid, oil and water supplies, and government capacity to respond compromised by foreign intervention.

The United States has already been penetrated. “There are only two [types of] companies that are affected by trade secret theft, those who know they have been compromised and those who don’t know it yet,” said Attorney General Eric Holder on Wednesday. After being hacked, The Washington Post has implied that nearly all major D.C.-area corporations and federal agencies have been breached, raising concerns over the protection U.S. intellectual property and national defense.

“We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy,” President Obama emphasized during his State of the Union Address. The United States certainly has several routes in countering hacking and improving cybersecurity, but a handful of trends are beginning to appear. With the rise of Virginia-based Mandiant and other Washington, D.C. area cybersecurity companies, a new brand of defense contractors is on the horizon. The reasons for a reliance on cybersecurity firms are twofold: apprehensiveness about government intervention in private accounts and the limitations of public sector capacity for defending all security breaches.

“I think there’s a recognition that the government can’t stand at the entry point of the internet to the U.S. and shield it from all bad things coming in,” assessed Michael DuBose, a former senior justice department official.

As former Secretary of State Henry Kissinger has argued, China’s history as the epicenter of eastern civilization has contributed toward a Sinocentric national identity. In some ways this can be compared to the United States’ promotion of western values abroad, and thus issues of intervention, including cyber attacks, have the potential to become particularly touchy. With diplomatic negotiations currently stalled, continued policy prescriptions emphasizing education, technology, and innovation can be anticipated. It can be expected that a growing combination of government and private sector initiatives will aim to increase U.S. material capabilities and improve leverage with China in situations where diplomacy fails.

Original Author: Chris Mills