Chinese President Xi Jinping will be visiting the U.S. this week and his trip could not have come at a more critical time, as the cyber-conflict between Beijing and Washington is reaching a tipping point.
The U.S. government is seething over the increased cyber-attacks against American targets originating from China, and the two nations are set to either move toward detente or the U.S. may adopt retaliatory measures that could possibly spark a flashpoint.
Spike in China-based cyber-attacks against the U.S.
Trade-oriented cyber espionage has long been an open secret of Chinese government and big domestic companies and firms. Chinese hacking groups have a rich history in targeting U.S. businesses and industries in order to steal valuable trade secrets and economic information.
But the number of attacks has been on the rise in recent years. A secret NSA document uncovered earlier this year revealed that in the span of five years, Chinese-based hackers had conducted more than 600 successful attacks on U.S. corporate and government networks.
In October 2014, Chinese spies used MTM (Man-in-the-Middle) attacks to spy on Apple iCloud users. The attacks followed a pattern similar to previous hacks against services offered by big players such as Microsoft, Yahoo, and Google, and involved intercepting communications and impersonating the service providers in order to steal user information.
Earlier, Chinese hackers had targeted the computer networks U.S. aviation companies such as Boeing and Lockheed Martin in order to steal information related to military projects, including the F-22 and F-35 fighter jets.
Also in the crosshairs of state-sponsored Chinese hackers were companies that had ran afoul of Beijing because of the services they provided.
March 2015 saw a massive wave of DDoS (Distributed Denial of Service) attacks conducted against GitHub pages belonging to organizations and media banned in China. DDoS attacks involve overloading a website with fake traffic in order to prevent it from delivering services to legitimate users, or to have its servers crash and shutdown altogether.
The OPM hack: the culmination of cyber-attacks against the U.S.
The attacks reached their climax in late April this year, when news broke over a cyber-intrusion into the U.S. Office of Personnel Management (OPM), which resulted to the theft of personal and sensitive data of more than 20 million U.S. government employees, including social security numbers, employment, criminal and financial histories, and possibly even fingerprint data.
The OPM hack, which became known as “the biggest breach in U.S. history” was carried out through the use of Remote Access Trojans (RATs), a breed of malware that allows attackers to obtain control over targeted computers through the use of legitimate and hard-to-detect techniques. OPM officials were severely criticized for not having taken the precautionary measures to prevent the attack from taking place.
Meanwhile, U.S. officials stopped short of openly accusing the Chinese government of coordinating and conducting the attack. However, assertions made by top security authorities left no doubt as to who they believe was behind the attack. Moreover, reports and analyses later released by researchers and cyber-security firms further confirmed the Chinese government as being the most-likely suspect and the main beneficiary of the breach.
Beijing has constantly denied having taken part in any of the attacks against the U.S., but a document published by the People’s Liberation Army (PLA) earlier this year openly admitted that China is embracing cyber-espionage, and unsurprisingly sees the U.S. as its primary strategic adversary.
U.S. Government ratchets up retaliatory measures
The U.S. has traditionally responded to cyber-attacks through preventative and defensive measures. But recent escalation in attacks, and the more daring breaches into the security sector, have forced the U.S. government to revise is national cyber-security strategy and possibly take more aggressive measures, which can escalate tensions and spill over to other domains.
In May 2014, the U.S. attorney general charged five Chinese military officials with hacking and data-theft charges. This was the first time the U.S. formally accused officials of another country of involvement in cyber-crimes.
Moreover, the Obama administration has been preparing a raft of sanctions against companies and individuals in China guilty of cyber-espionage attacks against U.S. targets. The state department has been pushing for the sanctions to come into effect after Xi’s visit to Washington, while law enforcement officials argue against waiting because of the serious nature of cyber-attacks.
The cyberwar between China and the U.S. has also dealt collateral damage. There were cases in which U.S. citizens of Chinese descent werearrested on espionage and technology theft charges, but were later released as the charges were dropped and the suspicions proven unfounded.
China isn’t the only cyber-enemy the U.S. is dealing with
Chinese hackers might be a big threat to the U.S., but Beijing is not the only cyber-adversary that Washington is facing. The U.S. also has to contend with threats coming from Russia, and to a lesser extent, North Korea.
A dual Russian-U.S. citizen recently pleaded guilty on charges of illegally exporting controlled microelectronics to Russia. And the U.S. continues to face a wide array of sophisticated attacks coming from Moscow-backed hacking groups.
Pyongyang has also managed to register its name in the U.S. hacking history. In 2014, a crippling breach originating from North Korea dealt a severe blow to Hollywood giant Sony, and brought the company’s computer network a standstill. The cyber-attack was in retaliation to Sony’s movie, “The Interview,” which played out a fictional plot to kill North Korea’s Supreme Leader, Kim Jong Un.
Is the cyber-warfare between the U.S. and China prelude to something bigger?
Despite the cyber tit-for-tat between Washington and Beijing, U.S. officials have long been reluctant to name China as an adversary, and are more inclined to describe it as a competitor. That may possibly change soon as cyber-espionage is fast becoming the new frontier for geopolitical rivalries.