June 06, 2013

Obama to press Xi on cyber attacks

WASHINGTON — In January 2010, when Google accused Chinese hackers of infiltrating its network to track emails of human rights activists, the Obama administration didn't disclose what U.S. diplomats in Beijing believed: China's Politburo had directed the attack.Today the White House no longer shies from publicly accusing Beijing of launching a sophisticated range of cyber attacks on U.S. computer networks to steal corporate and government secrets -- including those of naval propulsion systems and gas pipeline technology -- worth billions of dollars.

The dispute will take center stage when President Obama meets China's new president, Xi Jinping, on Friday for a two-day informal summit at the Sunnylands retreat in Rancho Mirage. White House aides say Obama will call for Beijing to take strong action against cyber attacks originating from its soil. Obama has elevated cyber security to rank with economic and defense issues as a "constant focus" in relations with China, a White House official said. The flood of digital break-ins "threatens to damage U.S.-China relations, as well as potentially damage the international economy and China's reputation."

The official, who spoke on condition of anonymity in briefing reporters, said every nation has "a responsibility to seriously investigate what may be happening within its own borders, including its virtual cyber borders, and make best efforts to put a stop to activities." Washington and Beijing agreed in April to hold high-level talks to try to set international rules for cyber security. Aides said Obama and Xi will discuss the agenda for the first meeting of the so-called cyber working group on the sidelines of an Asian economic summit in July.

Despite the diplomatic effort, U.S. officials have made no secret of their anger about the continuing cyber assaults. The name-and-shame campaign hasn't persuaded Chinese leaders to halt the daily barrage of hacking, including those from a secretive military unit in Shanghai that allegedly has stolen data from scores of U.S. companies. In the latest broadside, Defense Secretary Chuck Hagel said at a high-level security conference in Singapore on Saturday that cyber attacks against American businesses "appear to be tied to the Chinese government and military."

China has largely denied responsibility, or argued that it is the victim, not the instigator, of such attacks. No one has provided "hard evidence" of Chinese involvement in cyber intrusions, said Cui Tiankai, Beijing's new ambassador in Washington. "A huge number of Chinese computers, Chinese companies, and Chinese government agencies have also been attacked by hackers," he told Foreign Affairs magazine in May, according to a transcript posted on the Chinese Embassy website. "If we trace these attacks, maybe some of them, or even most of them, would come from the United States."

That same month, Beijing reacted angrily when the Pentagon issued a report that accused the Chinese government and military of trying to steal secrets from U.S. federal agencies. "As we all know, the United States is the real 'hacking empire,' " said a commentary in the People's Daily, a Communist Party newspaper. Led by the National Security Agency, the U.S. government is a prolific practitioner of cyber espionage around the globe. But official U.S. cyber spies are supposed to focus only on national security concerns, such as nuclear development in Iran or arms shipments to Syria, and not on the digital looting of corporations to help American businesses.

In China, in contrast, most large industries are owned by the state or by the military, so going after foreign trade secrets and intellectual property is considered fair game, analysts say. "The problem is we're not talking about the same things," said Adam Segal, an expert on China and cyber security at the nonpartisan Brookings Institution. "We're trying to make a distinction between cyber economic espionage and normal political-military espionage. The Chinese don't make that same distinction."

Google was the first major company to publicly accuse China of a vast cyber intrusion. The company blamed the Chinese military for a 2009 attack that also reportedly targeted Adobe Systems, Yahoo, Symantec, Northrop Grumman, Morgan Stanley and Dow Chemical. According to a State Department cable obtained by the WikiLeaks anti-secrecy website, U.S. diplomats in Beijing were told that Politburo Standing Committee members oversaw the attacks, but Obama administration officials never said so publicly.

In 2011, reports by Dmitri Alperovitch, a researcher who was then at the software company McAfee, documented what he said were China-based cyber attacks against oil, energy and other companies since 2006. In February this year, a Virginia-based computer security firm, Mandiant Corp., said it had traced attacks against 141 U.S. and Canadian companies to a Shanghai office building that housed a clandestine computer hacking unit run by the Chinese militar