China and the growth of cy­ber-es­pi­onage

Toronto Star - - BUSINESS - DAVID OLIVE

5Some cir­cum­stan­tial ev­i­dence is very strong, as when you find a trout in the milk.” — Henry David Thoreau

For cen­turies, China has been lend­ing pan­das to coun­tries as a good­will ges­ture. And the gam­bit usu­ally works.

On cue, On­tario Pre­mier Kath­leen Wynne, For­eign Af­fairs Min­is­ter John Baird and Toronto Mayor Rob Ford have been jock­ey­ing for a spot in the photo-op with Lau­reen Harper when gi­ant pan­das Er Shun (“Dou­ble Smooth­ness”) and Da Mao (“Big Mao Tse-Tung”) ar­rive at Pear­son air­port this Mon­day.

It might be un­seemly to look a gift gi­ant panda in the mouth.

But here goes: Com­puter hack­ers widely thought to be based in China tar­get North Amer­i­can gov­ern­ments and busi­nesses thou­sands of times ev­ery day.

In 2010, cy­ber­spies thought to be op­er­at­ing from China broke into com­put­ers at Canada’s Trea­sury Board and Fi­nance and De­fence De­part­ments in what Daniel Tobok, a U.S. cy­ber de­tec­tive called in to in­ves­ti­gate the breaches, de­scribed as “one of the big­gest at­tacks we have ever seen.” Ear­lier that year, hack­ers of sus­pected Chi­nese ori­gin at­tacked sev­eral Bay Street law firms in an es­pi­onage bid tied to the ul­ti­mately failed $38-bil­lion takeover of­fer for Saskatchewan’s Po­tash Corp. by a Bri­tish firm. Last month, the Wall Street Jour­nal re­ported that, ac­cord­ing to an ex-Nor­tel Net­works Corp. em­ployee, Nor­tel’s com­puter data­bases had been sys­tem­at­i­cally plun­dered by China-based hack­ers from 2000 to 2009, when Nor­tel filed for bank­ruptcy pro­tec­tion. Back in 2010, two U.S. groups ex­am­in­ing cy­ber­at­tacks claimed that com­put­ers at diplo­matic posts and government op­er­a­tions in 103 coun­tries had been cracked by cy­ber­spies work­ing from com­puter servers in China. And in Jan­uary, the Vir­gini­abased se­cu­rity firm Men­di­cant re­ported that a fa­cil­ity on the out­skirts of Shang­hai thought to be run by the Peo­ple’s Lib­er­a­tion Army had stolen trade se­crets from more than 140 U.S. com­pa­nies, in­clud­ing Ford, Gen­eral Mo­tors, Mo­torola, Dupont, Dow Chem­i­cal and Cargill. The prob­lem has be­come suf­fi­ciently acute to vie with Amer­ica’s ef­forts, sim­i­lar to Canada’s, to de­velop friendlier re­la­tions with a China whose mar­kets we seek greater ac­cess to and whose po­ten­tial as a re­gional mil­i­tary hege­mony the U.S. and its al­lies Ja­pan, Tai­wan and South Korea have sought to re­strain only by “soft­power” diplo­matic means. Al­lud­ing to China with­out nam­ing it, U.S. Pres­i­dent Barack Obama in his Jan­uary state of the union ad­dress de­clared that off­shore cy­ber­at­tack­ers “are seek­ing the abil­ity to sab­o­tage our power grid, our fi­nan­cial in­sti­tu­tions and our air traf­fic con­trol sys­tems.” Last month, Obama un­veiled mea­sures to bet­ter pro­tect pub­li­cand pri­vate-sec­tor U.S. com­puter net­works from sab­o­tage and theft of in­tel­lec­tual prop­erty and mil­i­tary se­crets. Any stu­dent of the 19th-cen­tury Opium Wars will at­test that eco­nomic em­pire build­ing — in that case by the Bri­tish and Amer­i­cans — is an ugly busi­ness. With China emerg­ing as an eco­nomic su­per­power, poised to over­take the U.S. in GDP by mid-cen­tury, it wouldn’t sur­prise any fu­ture his­to­rian that sus­pected ram­pant in­tel­lec­tual prop­erty theft played an es­sen­tial role in China’s eco­nomic mir­a­cle. Which China de­nies, of course. Last month, the Chi­nese em­bassy in Ot­tawa re­leased a state­ment say­ing, “Cy­ber­at­tacks are trans­la­tional and anony­mous. It is ir­re­spon­si­ble to pre­judge the ori­gin of at­tacks with­out thor­ough in­ves­ti­ga­tion and hard ev­i­dence.”

The Chi­nese have lately gone fur­ther, in­sist­ing this month that they are the chief vic­tims of hacker theft of mil­i­tary and trade se­crets, mostly of U.S. ori­gin. But there’s no hard ev­i­dence for that claim, ei­ther.

In a cat-and-mouse game where an In­ter­net do­main name of two weeks’ ex­is­tence passes as hard proof, the pre­pon­der­ance of cir­cum­stan­tial ev­i­dence points to China.

In 2011, McAfee, the U.S. com­puter se­cu­rity firm, as­serted that hack­ers based in China had stolen trade se­crets from west­ern oil com­pa­nies.

With China emerg­ing as an eco­nomic su­per­power, poised to over­take the U.S. in GDP by mid-cen­tury, it wouldn’t sur­prise any fu­ture his­to­rian that sus­pected ram­pant in­tel­lec­tual prop­erty theft played an es­sen­tial role in China’s eco­nomic mir­a­cle

Clas­si­fied files held by the U.S. government link sev­eral cy­ber­at­tacks to the Chi­nese army. Wik­iLeaks has pub­lished diplo­matic ca­bles link­ing cy­ber­at­tacks on Google and In­tel Corp. to op­er­a­tives in the Chi­nese Polit­buro.

And Men­di­cant in­sists that the years of hack­ing it un­cov­ered could not have hap­pened with­out the “full knowl­edge and co-op­er­a­tion” of Bei­jing, given China’s re­lent­less con­trol of In­ter­net ac­tiv­ity.

Yet global se­cu­rity ex­perts don’t sus­pect the Polit­buro of a master plan.

In­stead, they link cy­ber­mal­ice to China’s army, its spy agen­cies, pow­er­ful state-owned en­ter­prises, and to Chi­nese re­gional mil­i­tary au­thor­i­ties.

Each group keeps the oth­ers in the dark about what they’re do­ing. This, con­ve­niently, of­fers “plau­si­ble de­ni­a­bil­ity” to China’s po­lit­i­cal lead­er­ship.

I’m no less im­mune to the se­duc­tive cute­ness of pan­das than the next per­son.

But given the im­men­sity of the 24/7 cy­ber­at­tacks we’re en­dur­ing, and China’s in­tran­si­gence on the is­sue, I’d pre­fer we made our own ges­ture — likely the first on record. I’d turn Er Shun and Da Mao back to the only homes they’ve known, in south­west China.

“Ges­ture pol­i­tics” has its place, I sup­pose, but not when economies are at stake. do­live@thes­tar.ca

Newspapers in English

Newspapers from Canada

© PressReader. All rights reserved.