U.S. finally acknowledges Chinese and Russian cyberthreat

U.S. finally acknowledges Chinese and Russian cyberthreat

Summary: The difference between China and the United States is that China can execute on its grand plans unfettered by such inconveniences as democratic process or public opinion.


I have long expressed my concern over China's behavior on the Internet, particularly their many furtive and illicit actions against U.S. citizens, U.S. companies, government agencies, and infrastructure operations. I have also discussed -- particularly in some of my lectures -- the prevalence of online organized crime coming out of Eastern Europe and the former Soviet states.

Yesterday, the Office of the National Counterintelligence Executive (the agency responsible for American counterintelligence efforts) issued a report to Congress entitled, "Foreign Spies Stealing U.S. Economic Secrets in Cyberspace" (PDF).

I have to tell you that I haven't been able to read this report yet. I've been trying to download it, or, indeed, get to the NCIX.gov site all evening. Unfortunately, the site has been down for at least the past few hours:

I wouldn't necessarily read a whole lot into that, but it is curious that a report that claims Russia and China have been actively engaging in cyber-spying and penetration attempts is now inaccessible.

Update: A few hours later (3:30AM ET), I was able to get onto the NCIX site. Read the report. It's fascinating.

The Chinese government has long claimed that they have no involvement in any nefarious acts against the United States, but we've also got a long line of circumstantial evidence that seems to counter that assertion.

See also: Deconstructing a nasty Chinese World of Warcraft phishing scheme

In fact, in an article about the report, The Washington Post cites Chinese Embassy spokesman Wang Baodang, who denied the veracity of the NCIX report, claiming China opposes "any form of unlawful cyberspace activities."

A New York Times article quotes Chinese Foreign Ministry spokesman Hong Lei as saying, "The Chinese government opposes hacking in all its manifestations."

Before you accept these assertions by Chinese officials, consider that China has built jindùn gongchéng, the Golden Shield Project (what's commonly called The Great Firewall of China). China has complete control of what IP packets pass in and out of China. And yet, even as recently as a week ago, we know people in China have been conducting attacks against American citizens. I found one in my inbox.

At the end of this article are links to many of my other articles exploring the Chinese cyber-threat. I'm in complete agreement with NCIX that China is a threat. Actually, my research indicates that China may well be America's greatest threat moving into the rest of the 21st Century.

China now owns a tremendous amount of the world's debt. The country has a long pattern of minor attacks and probes against our interests, including a recent possible attack on our satellites.

Most of our computers, phones, and motherboards are built in China (and they may, someday, contain potentially unknown payloads). Now, China is scaling up its game, introducing its own chips and building out its own super-computer.

See also: China steps ups its semiconductor game with homegrown supercomputer effort

My research in How To Save Jobs (free download) showed just how single-minded this nation of 1.3 billion people is in its desire to transform itself into a first-world economy. The difference between China and the United States is that China can execute on its grand plans unfettered by such inconveniences as democratic process or public opinion.

Russia, on the other hand, is a different beast.

Although Russia's political system is once again swinging conservative, we haven't seen as much state-sponsored cyberterrorism as we've seen cybercrime originating from Russian and Eastern Europe-based organized crime units. There is no doubt actors from this region are a threat, but they seem far more motivated by monetary gain than by geopolitical influence.

The bottom line, though, is this.

We are, without a doubt, in a time of increased pressure on our digital homeland security. Whether it's because of Eastern European-based organized crime attempts to spear phish for profit or Chinese citizens supposedly acting on their own to rip off American citizens, or state-sponsored Chinese actors probing America's military and infrastructure defenses, we find ourselves increasingly playing defense on an asymmetric battlefield.

Here are some of my other articles on this topic:

FOR YOUR SAFETY: make sure you update all your computers, including add-ons like Acrobat and Flash (don't just click on random download links, but go to Acrobat.com by typing it into your browser!). Make sure your anti-virus definitions are up-to-date, use caution when clicking on shortened URLs, don't visit "those" sites, and avoid opening attachments and files that could be containing nasty payloads.

Topics: Security, Government, Government US, China


David Gewirtz, Distinguished Lecturer at CBS Interactive, is an author, U.S. policy advisor, and computer scientist. He is featured in the History Channel special The President's Book of Secrets and is a member of the National Press Club.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.


Log in or register to join the discussion
  • You forgot the CIA spying on Americans!

    • RE: U.S. finally acknowledges Chinese and Russian cyberthreat


      And you forgot Google spying on everybody!
    • RE: U.S. finally acknowledges Chinese and Russian cyberthreat

      @kd5auq all email traversing US based servers are scanned by US government agencies...been doing that for more than a decade...DG conveniently ignores that fact. So what is less honorable...a country spying on its enemy or a country spying on its people? I guess most countries are guilty are they not?
      Stop being a run of the mill sensationalist David!
  • RE: U.S. finally acknowledges Chinese and Russian cyberthreat

    Yet, we still do business with them.

    This country prides itself on blowing countries up and then throwing cash at them to rebuild, yet we won't help our own people.
    • Pardon my sarcasm....


      But why would anyone want to help a bunch of poor people who are head over heels in debt?
      sissy sue
      • RE: U.S. finally acknowledges Chinese and Russian cyberthreat

        @sissy sue
        Because the people refusing help to the poor people helped make them poor?

        Just a thought.
    • We're bringing our own people's expectations of life down



      On a lighter note:

    • RE: U.S. finally acknowledges Chinese and Russian cyberthreat

      @SysAdminII the american people have lost control of their country a long time ago it is now in the hands of big banks and corporations with a globalist agenda, it means to end all national sovereignty, its about deindustrialization of the west and depopulation, they sell the people on BS and lies like "we can survive as a "service based economy" " instead of a resource based economy,its all lies ,yes the U.S. destroys countries and rebuilds them,yes it is the business of installing and propping up dictators and not removing them ,thats what the mega corporations and mega banks and the military industrial complex and the civilian industrial complex wants, its how they steal our money ,all your tax money goes to this corporate wellfare as does the blood bodies and limbs of your sons and daughter if they are in the ,military ,they take our tax money and hand it over to these crooks ,its all lies ,it has nothing to do with protecting the U.S. ,there is no threat, there has never been any threat ,not from iraq, not from afghanistan, not from vietnam ,not even WW2
  • great firewall question

    Given that internet access can come from satelites and such, does the Chinese dictatorship really have control over all internet access? Not trying to make a point...it's a sincere question...

    • RE: U.S. finally acknowledges Chinese and Russian cyberthreat

      Given your question gary, I think adomoe may have misunderstood what you were asking.

      The Chinese dictatorship has relatively complete control over all internet access <i>in China</i>. While a person in China could theoretically connect to an internet satellite, they'd need a dish to do that, and possession of such a dish that works with any satellite that is not Chinese, is strictly forbidden. I think that answers your question.
  • Now that its probably too late!

    I bet China has already prepared many computers for a cyber war already. ow all of a sudden the US starts getting worried. I buying two dixie cups and string just in case it all goes south.
    • RE: U.S. finally acknowledges Chinese and Russian cyberthreat

      @jscott418 I don't think so! China doesn't want to lose their investment. They already have so much investment in the US that they already are major players. Hey! It doesn't matter whether it's Republican or Democrat. China has great influence!
      I am Gorby
  • China is a threat, but...

    China as it exists now, would never ever have created the internet in the first place. Not ever. No government would ever have been able to create Google. Not one. Not one did, and not one could. While it's essential to acknowledge as a nation and as people that the government of China wishes us harm and actively works to harm us, it's also essential to realize that there is NO benefit to us in living in such a society.
  • Maybe Donald Trump was right....

    Why does China deserve our business? If we pay high wages for higher priced consumer products, people will still have the money to afford them, but the economy also strengthens. Why is everyone thinking that everyone will be broke and can't afford the cheaper consumer goods? If we can pay our workers better salaries here, they won't be any worse off at face value, but without a good national economy due to outsourced manufacturing, the middle-class are far worse off. The whole reason I think China is getting too much manufacturing is absolutely because of a deal made between the US gov't and the Chinese in trade for taking on our debt.

    Just FYI: the countries with high cyberthreat involvements are also the top countries for software piracy. Question is: where do they get these poor ethics in computer usage from?
  • Let's stop being so naive. The U.S. has always known about the Chinese

    and Russian threats.<br><br>The following is something that nobody in U.S. government believes when it comes from the Chinese:<br><br><b>... Chinese Embassy spokesman Wang Baodang, who denied the veracity of the NCIX report, claiming China opposes any form of unlawful cyberspace activities.</b><br><br>The problem with the statement is that, it's open to interpretation, and hopefully, the people in Washington know that the statement is can be construed as true, but only if one considers that, the Chinese consider "unlawful cyberspace activities" to be unlawful, but, only from the point of view of what THEY consider unlawful, and so, what we might deem to be unlawful, they might consider a duty to help their homeland and their people and their government. It's all in the eye of the beholder, and very dependent upon national "self-interested" justifications.<br><br>It's all about what the meaning of "is", is.

    Reagan said it best: "Trust but verify.".
  • RE: U.S. finally acknowledges Chinese and Russian cyberthreat

    Since we seem to be incapable of stopping the Chinese & Russians from stealing our data then perhaps we should charge them for all the info & data that they have stolen, thereby cancelling our financial debt to them. There, export-import imbalance solved !
    • Not quite! We also spy and steal info from othe countries,

      and we no doubt have more spies in more places than any other country.

      Not that there's anything wrong with that! But, we might end up having to pay more going out, than we'd get coming in from foreigners stealing our info/data.
    • RE: U.S. finally acknowledges Chinese and Russian cyberthreat

      @Wetneck Yes, but even then people will still want their cheap Walmart TV's, etc. Then we'd be in the same situation, after a while.
      I am Gorby
  • Like so many large bureaucratic organizations ...

    ... the United States Government does not recognize it's own vulnerabilities. Homeland Security understands even less about IT than it knows about disaster recovery (as in hurricanes and snowstorms).

    FEMA was created to keep the government running in the case of nuclear war. They no nothing about other kinds of threats. It was a serious mistake to put such a diverse list of threats to America's well-being in the hands of a single umbrella full of bureaucrats without specialized training.

    When the Secret Service was still under the Treasury, NO ONE, and I mean NO ONE would have been able to crash a White House party.
    M Wagner
    • RE: U.S. finally acknowledges Chinese and Russian cyberthreat

      @mwagner@... what are you talking about? thats not why fema was created , your thinking of continuity of governemnt