by Kenneth Corbin

U.S. Must Crack Down on China’s Cyber Threats

News Analysis
May 14, 20145 mins
Cloud SecurityCybercrimeGovernment

Former National Security Advisor Tom Donilon says that persistent cyber intrusions into corporate networks emanating from China are sapping economic relations with the United States.

WASHINGTON — The sustained and large-scale infiltration of the corporate networks of U.S. firms at the hands of Chinese hackers stands as a major impediment to trade between the world’s two largest economies, former National Security Advisor Tom Donilon warned yesterday.

China's Cyber Threats

Donilon, speaking at the annual FOSE government IT conference, warned that continued “cyber-enabled economic theft” on the part of the Chinese imperils the half a trillion-dollar economic relationship between the two superpowers.

“That needs to be a principal discussion between the United States and China,” Donilon said. “You can’t really have a $500 billion relationship — economic relationship — and have this kind of theft going on. And the rules of the road need to change with respect to that.”

U.S. Digital Systems in Grave Danger

In assessing the cybersecurity environment, Donilon, who served as President Obama’s top security aide until June 2013, starts with the basic premise that the intrusions into critical digital systems are grave, and that they are growing more intense and varied in origin.

[Related: White House Warns China to Crack Down on Cyberattacks]

“The principal dynamic is that the threats become more sophisticated and pervasive. As the world [leaves] more of its business life, personal life and its security online there are obviously increasing threats and increased responsibilities for the government, for companies, other organizations and individuals to act in a way to protect these networks,” he said.

“On the landscape,” he added, “I think it’s important to separate it out by the threat.”

Snowden Represent Another Type of Threat

In addition to groups that aim to infiltrate corporate networks to swipe trade secrets and intellectual property, Donilon points to garden-variety criminals engaging in fraud, lone-wolf and activist hackers, and rogue insiders such as former NSA contractor Edward Snowden as among the various threat vectors.

Taken together, the cyber threats amount to a public-policy challenge of the first order, one that demands greater cooperation among business and government, according to Donilon.

“I think that’s the dynamic that we’re going to be faced with. There’s going to be more sources, more sophisticated, which means you need to have a multi-dimensional approach,” he said.

Provisions to facilitate the sharing of information about emerging threats have been a hallmark of several of the bills addressing cybersecurity that have been introduced in Congress, but have not yet passed.

[Related: New report says cyberspying group linked to China’s army]

Donilon acknowledged that businesses, generally, have been improving their security posture, though those efforts have been uneven. And while the lines of communication have opened in recent years, many firms are still reluctant to share threat information with federal authorities or others in the private sector, in part out of fear of the potential legal repercussions.

“I think we are making some progress in that, but a lot more progress needs to be made, especially in terms of having best practices used more evenly across the landscape, and in terms of information sharing both among companies and other entities that run critical infrastructure and between the public and private sector, which I think is very important,” he said.

China a Clear and Present Cyber-Danger

Donilon’s focus on China recalls a speech he gave last March calling on that nation’s government to crack down on “cyber intrusions emanating from China on an unprecedented scale.” That address came shortly after the release of a high-profile report from the security firm Mandiant, which detailed a widespread hacking operation undertaken by China’s army alleged to have compromised 141 companies dating to 2006.

[Related: Secret TPP Intellectual Property Agreement Misses Deadline]

Donilon’s renewed call for tougher prohibitions on hacking in China comes as the Obama administration has signaled its intentions to “pivot” toward Asia, reorienting economic, diplomatic and other policy areas toward the East. The United States is currently in advanced negotiations on expanding the Trans-Pacific Partnership, a major trade agreement that would include a dozen nations — though, notably, not China, at least for now — and bring its provisions to bear on roughly 40 percent of global trade.

It is Donilon’s hope that U.S. officials will elevate cybersecurity as a priority in trade talks and their broader diplomatic efforts. At the same time, he is realistic that as important as information sharing and stronger international partnerships may be, there is no combination of policy remedies that will resolve the cybersecurity challenge.

“I think we need to have much more private-public cooperation, and we need to have an international effort to try to set some sort of norms here,” Donilon said. “But at the end of the day, we’re going to have adversaries that are going to have increasingly sophisticated approaches to attacking our systems. I don’t think there’s any doubt about it.”

Kenneth Corbin is a Washington, D.C.-based writer who covers government and regulatory issues for Follow Kenneth on Twitter @kecorb. Follow everything from on Twitter @CIOonline, Facebook, Google + and LinkedIn.