Obama Needs to Address Our Cyber-Warfare Gap with China


Obama Needs to Address Our Cyber-Warfare Gap with China

Jan 23, 2011 2 min read
James Jay Carafano

Vice President, Kathryn and Shelby Cullom Davis Institute

James Jay Carafano is a leading expert in national security and foreign policy challenges.
In 2008, monks in the Office of the High Dalai Lama had a strange feeling someone was reading their e-mail. For example, when they followed up on an e-mail request to meet with a diplomat, they would find that a Chinese representative had just called to discourage the get-together.

There were other signs, too, that something was amiss. Confidential documents and sensitive information were leaked.

Was there a spy in their ranks? Had someone cracked their computers?

Discretely, the monks started making inquiries with Western security experts. They wound up at the doorstep of Information Warfare Monitor, a group of researchers based at the University of Toronto and led by a political scientist named Ronald J. Deibert.

Named one of Esquire's "best and the brightest" a year earlier, Deibert was known as a passionate champion of online political freedom. He jumped at the chance to investigate security lapses threatening one of the highest-profile religious leaders on the planet.

Information Warfare Monitor investigators found the Dalai Lama's network (and, ultimately, those of more than 100 countries) had been infected with malware -- malicious software that covertly infiltrates a computer system.

This malware program had been shopping for sensitive files, embedding them in innocuous-looking messages and shipping them out through e-mail. The investigators called their discovery "GhostNet."

Was Beijing behind GhostNet? We know that Chinese officials detained a young student at the Nepalese-Tibetan border on charges of "political activity" and confronted her with a complete transcript of all her Internet chats over the previous two years.

Where did they get all that information? One suspects it came from GhostNet.

Odds are GhostNet never came up in discussions during Chinese President Hu Jintao's state visit to Washington last week. Between the grip-and-grins and the public palaver, how much time was there to bring up the numerous reports of Chinese cybersnooping into U.S. government computers and those of other Western powers?

Surely President Obama didn't dwell on the Red Hacker Alliance, a Beijing-sanctioned "network security" organization. (The RHA reportedly has over 300,000 members and paid staff that includes university-trained computer science experts. It undertakes "patriotic" cyberhacking as well as various "government-sponsored" projects.)

Though Beijing is keenly interested in cybercommunications, it's not at all into online freedom. Both the Ministry of Public Safety and the State Secrecy Bureau have cybersecurity units at all levels of government.

Their ranks number in the hundreds of thousands and include college students who do part-time "online law enforcement" in exchange for computer and Internet access. The government also employs numerous technologies to block and censor online content.

Sites like YouTube, Facebook, Twitter, Blogger and Wikipedia are all blocked in China.

Beyond doubt, China is the No. 1 threat to both U.S. cybersecurity and Internet freedom. But, during the run-up to Hu Jintao's visit; Defense Secretary Gates eschewed confronting Beijing on these issues. Instead, he proposed more bilateral military consultative talks to build "trust and confidence" between the two sides.

There is no doubt about China's stance on cyberwarfare: Their official Chinese military doctrine advocates its exercise. But it's not at all clear that the United States has its act together.

The Pentagon finally stood up a cybercommand last May. And Jean-Loup Samaan argues that the command evinces Janus-faced attitudes toward cyber. "An intellectual rift between 'cyber-warmongers' and "cyber-skeptics' still prevails, fueling a dysfunctional institutional response to cyber-defense," he wrote in a recent issue of the RUSI Journal.

However the White House wants to frame U.S.-Chinese relations, it needs to get more serious about cyberthreats. Otherwise the president may awaken one day to find Beijing reading his BlackBerry.

James Jay Carafano is a senior research fellow for national security at the Heritage Foundation.

First appeared in The Examiner