White House should threaten Great Firewall to curb Chinese cyber attacks, experts say as Obama-Xi summit nears

PUBLISHED : Friday, 28 August, 2015, 7:30am
UPDATED : Friday, 28 August, 2015, 10:47am

As the world recalls how two atomic bombs were dropped on Japan to end the second world war in Asia 70 years ago, a digital deterrent of a similar magnitude could be Washington’s only way to stop cyber attacks from the latest Asian aggressor, China, experts say.

United States president Barack Obama is due to entertain his Chinese counterpart Xi Jinping in Washington next month on a state visit and the issue of cyber espionage will “no doubt” be addressed, Obama said recently.

The issue rose to the fore in the wake of a major attack this summer on the US Office of Personnel Management, which saw hackers make off with the personal information of over four million current and former federal workers. 

Officials have pointed the finger at hackers linked to China’s People's Liberation Army, saying the data poses a security risk as it contains military records and other sensitive information, potentially including state secrets.

"We absolutely have to do something," said Dennis Poindexter, author of The New Cyberwar: Technology and the Redefinition of Warfare.

As such hacks become more audacious, the US needs the cyber equivalent of a nuclear deterrent, added Poindexter, a former faculty member at the Defence Security Institute under the US department of defence.

He pointed to this year’s OPM hack as an example of Chinese hackers inadvertently crossing the line of “acceptable” state espionage.

Former head of the National Security Agency and Central Intelligence Agency Michael Hayden told the Washington Post after the attack that "if I could have done it [as head of the NSA], I would have done it in a heartbeat".

"You have to kind of salute the Chinese for what they did," said US director of national intelligence James Clapper in June, referring to the sophistication of the hack. 

Since then, Obama has reportedly told his staff to come up with a series of retaliatory actions in the event of similar attacks. 

“One of the conclusions we’ve reached is that we need to be a bit more public about our responses, and one reason is deterrence,” a senior administration official involved in the debate told The New York Times, speaking anonymously. 

Measures under discussion reportedly range from sanctions and criminal indictments of suspected hackers to US-led attacks on the Great Firewall, China’s online censorship apparatus.

Obama approved sanctions on North Korea following the January hack of Sony Pictures, even though Kim Jong-un's regime remains only a suspect. 

Adopting the same stance against China, the world’s second biggest economy, could be catastrophic for the US given the interconnectedness of global trade.

But the US has already shown it is not afraid to go after the Chinese military, with the US justice department levelling charges against five PLA officials last year.

The indictments came in the wake of a report by cybersecurity firm Mandiant that tied Shanghai-based PLA Unit 61398 to an active and highly effective hacking team it called APT1. 

Mandiant has since been absorbed by cybersecurity firm FireEye. Richard Bejtlich is its chief security strategist.

Bejtlich said the aggressive move by Washington set alarm bells ringing in Beijing, and that he had personally heard PLA officers refer to the incident as a "national humiliation".

Beijing cancelled a high-level Sino-US working group on cyber affairs following the affair, while China’s state media labelled the US a "mincing rascal" and "high-level hooligan". 

But charging high-ranking government officials would require gathering huge amounts of evidence and tying them to individual attacks – a difficult task in the murky world of cyber warfare. 

Even if successful, it could prove a pyrrhic victory by exposing ongoing US intelligence operations. 

"Probably the best thing we could do to offer some degree of deterrence is give [Chinese internet users] a way around the firewall," said Poindexter. 

The Great Firewall has undergone several "upgrade[s] for cyberspace sovereignty" since the beginning of the year, according to the state-run People's Daily.

This week, popular virtual private network provider Astrill, which helps users jump the Great Firewall, said its services in China would be disrupted due to the upcoming Beijing parade marking the anniversary of the end of the second world war. 

Two Chinese developers also removed anti-censorship apps from open-source code repository GitHub after pressure from Chinese police. 

According to The New York Times, multiple officials within US intelligence agencies are advocating attacks on the Great Firewall. 

This is "to demonstrate to the Chinese leadership that the one thing they value most — keeping absolute control over the country’s political dialogue — could be at risk if they do not moderate attacks on the United States", it reported.

By publicly committing to undermine Chinese internet filtering, the US could drive home how seriously it takes cyber attacks and economic cyber espionage. 

"Just by saying it, we make them very concerned," Bejtlich said. 

Other potential public deterrents could involve the US working with regional allies like Vietnam, which has centuries of bad blood with China, to form a united front. 

Beijing has long been sensitive to efforts to "contain" it, such as bilateral agreements between countries with which it has territorial disputes in the South China Sea. 

Ultimately, China and the US may not come to an effective agreement until a third party threatens both countries. 

Bejtlich pointed to the huge economic benefit of targeting large companies in developed markets to steal trade secrets and intellectual property, a practice China has long been accused of. 

As China’s high-tech and internet companies become more advanced and expand into developing markets, they may find themselves targeted by state-level hacking groups from foreign shores. 

The attack earlier this year on Italian cybersecurity and surveillance firm Hacking Team, after which the perpetrators dumped gigabytes of the company's information and tools online, may accelerate this trend, Bejtlich said. 

"The leaked info is a blueprint for anyone who wants to run a state-level malware group, and they've provided this playbook for any developing country who wants to run this kind of activity,” he said. 

While statements from Obama and the White House give every indication that cybersecurity will be a key component of next month’s summit, experts were sceptical about whether any substantive agreement would be reached. 

Poindexter was almost certain that "there will be some kind of joint statement about hacking", though he said it was unlikely there would be any major de-escalation of cyber attacks. 

Simon Shen, a cybersecurity expert at the Chinese University of Hong Kong, said hacking is here to stay.

"I'm afraid it's not possible for any country in the world to give it up," he said.