White House asks China to stop hacking, pretty please

China officials say they're willing to talk, but claim they're victims too.

by Sean Gallagher - Mar 12 2013, 2:45pm EDT

• Cyberwar
• Government
• Hacking
• Internet Crime
• Networking

http://arstechnica.com/tech-policy/2013/03/white-house-asks-china-to-stop-hacking-pretty-please/

The Chinese government says these aren't the hackers you're looking for.

Sharkshots

After a rash of attacks against US businesses and government agencies throughout the past few months, the White House is now putting the issue of Chinese state-backed hacking on the front burner. Many of these attacks have been tied by network security firms directly or indirectly to a unit of the Chinese People's Liberation Army (PLA), though Chinese officials still deny any link to the attacks (they claim that China's networks are victims being targeted as well). However, country officials signaled a willingness to talk with the US about cooperation on Internet security—even if it's not clear whether or not the Chinese civilian government is completely in control of the PLA's operations.
White House National Security Advisor Tom Donilon said yesterday that the ongoing alleged Chinese attacks and theft of data from US government and business networks has elevated "cyber" to the top of President Obama's priority list in policy toward China. "From the President on down, this has become a key point of concern and discussion with China at all levels of our government," Donilon told an audience at the Asia Society in New York. "And it will continue to be."
The Obama administration is seeking three things from China's leadership with regard to cyber-espionage, Donilon said. "First, we need a recognition of the urgency and scope of this problem and the risk it poses—to international trade, to the reputation of Chinese industry, and to our overall relations. Second, Beijing should take serious steps to investigate and put a stop to these activities. Finally, we need China to engage with us in a constructive direct dialogue to establish acceptable norms of behavior in cyberspace."
In February, network security firm Mandiant released a 74-page report detailing what the company had learned in its investigations into a number of cyber attacks, including the one it helped The New York Times counter. According to the report, Chinese state-sponsored hackers have stolen data from 141 organizations during the last seven years. The company pinpointed the source of those attacks, which they designated as "APT1" (as in Advanced Persistent Threat)—known by security researchers as the "Comment Crew" or "Shanghai Group"—as members of the PLA's Unit 61398. The company also released a video showing some of the activities of the members of the unit:

A video of actual sessions and attack activities of APT1, which Mandiant claims is PLA's Unit 61398 in Shanghai.

The US intelligence community has long warned that China's government has been waging a campaign of industrial and military espionage through hacking. And for just as long, China's government has denounced the claims as fraudulent, claiming that it has constantly offered to help crack down on hacking. Chinese officials responded today to Donlon's comments defensively but again claimed China was open to cooperation in cracking down on Internet threats.
In a daily news briefing this morning, Chinese Foreign Ministry spokesperson Hua Chuying said that "China is willing, on the basis of the principles of mutual respect and mutual trust, to have constructive dialogue and cooperation on this issue with the international community, including the United States, to maintain the security, openness, and peace of the Internet." But she added that China is also a victim of cyber-attacks, claiming that two major Chinese military websites were attacked more than 140,000 times per month over the last year—with about two-thirds of the attacks coming from the US.
According to a report by The New York Times, the Obama administration has been talking to Chinese leadership about cyber-attacks for years. A senior US official told NYT that "what we are hoping to do is force the Chinese civilian leadership to realize that the PLA is interfering with their foreign policy." That would suggest the White House believes that the PLA is acting on its own without direct approval from China's civilian government.