A unit of China’s People’s Liberation Army has been tied to a location believed to be the source of “an overwhelming percentage of the attacks on American corporations, organizations and government agencies,” according to a report in the New York Times on Tuesday.
“An unusually detailed 60-page study, to be released Tuesday by Mandiant, an American computer security firm, tracks for the first time individual members of the most sophisticated of the Chinese hacking groups – known to many of its victims in the United States as ‘Comment Crew’ or ‘Shanghai Group’ – to the doorstep of the military unit’s headquarters,” the report says. “The firm was not able to place the hackers inside the 12-story building, but makes a case there is no other plausible explanation for why so many attacks come out of one comparatively small area.”
Over the past year, Global Public Square contributors have looked at a range of cyber issues, from the potential threat posed by Chinese firms to what the U.S. can do to improve its cyber defenses.
“Weak cybersecurity renders America less secure on a global strategic level,” wrote Katrina Timlin, a research assistant at the Center for Strategic and International Studies, on GPS last February. “Around seventy countries are building cyber capabilities for their military or national defense infrastructure. Among the most capable countries are Russia and China, historical competitors with America.”
“Although they are unlikely to launch a spontaneous cyber attack, it is understandable they are probing our vulnerabilities and testing the limits of cyber espionage. America’s competitors have clear incentives to seek economic and military advantage through these ‘illicit’ means, and America’s inability to properly defend its cyber infrastructure is only facilitating this nefarious behavior.”
How should the U.S. respond?
According to A. Greer Meisels and Mihoko Matsubara, the United States and its allies need to coordinate their response to these threats. “As countries pursue interoperability for the sake of military efficiency, they also face an increase in shared vulnerabilities. Washington should take advantage of its pre-existing alliance network and serve as a hub to synchronize such efforts,” the authors wrote in October. “This requires developing robust, actionable intelligence capabilities that can provide real-time information to decision-makers in the United States, to private companies, and to its allies.”
But Jennifer Stisa Granick, director of civil liberties at the Stanford Law School Center for Internet and Society, suggested that in the push to find solutions in the U.S., it’s worth asking whether more legislation is the answer.
“Bringing federal agencies up to par won’t…require new laws. President Obama could implement much of the Cybersecurity Act via executive order,” Granick wrote in August. “Further, government may be able to raise standards for critical infrastructure networks through regulation rather than legislation. In most critical industries, electricity, nuclear power, chemical plants and water safety are already heavily regulated by the government. So why, for example, did NASDAQ get hacked in 2011? When we, or Congress, understand this, we can apply the tool that would improve the situation, whether it’s Securities and Exchange Commission regulation or new laws.”