WASHINGTON (Reuters) - Google Inc’s threat to quit China over cyber attacks and censorship highlights U.S. fears that a more powerful Beijing is tapping government and corporate computer networks to steal secrets and to prepare for potential conflicts.
Ties between the United States, the world’s largest economy, and China, a rising rival, are already strained by jockeying for resources, regional influence, currency exchange rate advantages, trade protectionism charges and arms sales to Taiwan, among other things.
U.S. intelligence agencies for years have warned government officials and corporations that Chinese hackers have been piercing sensitive networks and preparing for any clash as bilateral ties wax and wane.
Outsourcing, a cost-cutting strategy adopted by many U.S. companies, contributes to the cyber threat, according to Larry Wortzel, a member of the U.S.-China Economic and Security Review Commission, an advisory panel to Congress.
“Companies that locate their research and development in China and employ Chinese citizens to work on their software have probably made Chinese intelligence and security services better at computer hacking,” said Wortzel, a former U.S. Army attaché in Beijing.
“They learn the holes in the system and the codes to access programs to do software updates -- trapdoors that leave the U.S. vulnerable to attack,” he said in an email interview.
Moving hardware, chip and server production to China “gives Chinese employees or security organizations opportunities to embed their own code and trapdoors into the hardware as they put the code in,” Wortzel said.
Secretary of State Hillary Clinton was scheduled to deliver on Thursday what was being billed as a major speech on Internet freedom. “The ability to operate with confidence in cyberspace is critical in a modern society and economy,” said Kurt Campbell, the department’s top official for East Asia.
Google owns the world’s most popular Internet search engine. It jolted U.S.-China ties with its January 12 announcement that it had faced a “highly sophisticated and targeted attack” in mid-December allegedly from inside China.
Targeted at the same time, Google said, were more than 20 other companies in finance, technology, media and chemicals. At issue, it said, was more than a simple security breach, though Google said a primary target was dissidents’ email accounts.
The U.S. State Department is pressing China for an explanation of the incidents described by Google.
U.S. military and government networks “continue to be the target of intrusions that appear to have originated from within” China, Navy Admiral Robert Willard, head of the U.S. Pacific Command, said on January 13, one day after Google aired its complaint.
While most penetrations are fishing expeditions, Willard told the House of Representatives Armed Services Committee “the skills being demonstrated would also apply to wartime computer network attacks.”
U.S. national security officials and independent security experts increasingly are voicing alarm about alleged Chinese cyber espionage. For its part, Washington also has a vast espionage corps to steal secrets for its security interests.
China’s embassy dismissed any suggestion that Beijing was behind cyber attacks against U.S. interests.
“As China is more than ever integrated with the rest of the world through, and reliant on, the Internet, it has no reason to do anything that will harm or backfire on its own interests,” Wang Baodong, an embassy spokesman, said by email.
Last February, Dennis Blair, the director of national intelligence, said state and non-state foes were targeting U.S. telecommunications networks, Internet and critical industries’ technological underpinning. Cyber attacks were growing more sophisticated and more serious, he said, singling out Russian and Chinese capabilities.
Chinese hackers’ tracks have been detected inside some U.S. electricity grids and they “don’t seem to care about getting caught,” said Joel Brenner, former director of the Office of the National CounterIntelligence Executive.
“Do I worry about those grids, and about air traffic control systems, water supply systems, and so on? You bet I do. Our networks are being mapped,” Brenner told an April 3 forum at the University of Texas at Austin.
China is also preparing for any clash over Taiwan.
James Mulvenon of the Center for Intelligence Research and Analysis, a consultant to U.S. intelligence agencies, said hackers controlled by Beijing might target U.S. logistics and other support systems in a crisis over the self-ruled island.
“The Chinese military appears to believe that they can use hacking to exploit our perceived dependencies on cyber systems, and thereby disrupt our deployment to a regional contingency,” Mulvenon said in an email interview.
China deems Taiwan a rogue province subject to unification with the mainland, if necessary by force. The United States is Taiwan’s main arms supplier and is mandated by the 1979 Taiwan Relations Act to aid its self-defense.
The U.S.-China Economic and Security Review Commission told Congress two months ago that Chinese authorities seem to be recruiting skilled cyber operators from information technology firms and computer science programs into the ranks of “Information Warfare Militia units.”
The Daily Beast last week cited what it called a classified FBI report that estimated China’s army has more than 30,000 cyberspies plus more than 150,000 private-sector computer experts assigned to steal U.S. military and technology secrets. The FBI declined to comment.
In its China complaint, Google linked to the commission’s report and to a study done for it by Northrop Grumman Corp, the Pentagon’s No. 3 supplier by sales. The study said Beijing appeared to be conducting “a long-term, sophisticated, computer network exploitation campaign” against the government and U.S. defense industries.
Overall, the United States faces “an exceptionally serious” challenge, said Linton Wells II, acting chief information officer at the U.S. Defense Department in 2004 and 2005.
“Corporate intellectual property is being stolen in many fields: information technology, bio-technology, defense industrial base, financial, transportation, energy, and others,” said Wells, now at the National Defense University’s Center for Technology and National Security Policy. “Critical components on which our economy, government and national security are based are at risk.”
In June, U.S. Defense Secretary Robert Gates ordered the creation of the military’s first headquarters to mesh Pentagon efforts in the emerging cyberspace battlefield and computer-network security arenas. The new command will develop offensive cyber weapons as well as defend against them.
Reporting by Jim Wolf; Editing by Julie Vorman, Phil Berlowitz