U.S., China Trade Accusations, Talk Of Cooperation In Cyberspace

Policing cyberspace in an age of cyberespionage and advanced persistent threats is made more difficult by the real and perceived involvement of state actors.

The challenge facing those fighting malware threats was underscored in the back-and-forth between the White House and the Chinese government. In a March 11 speech to the Asia Society in New York, U.S. National Security Adviser Tom Donilon called for China to stop the theft of data from American networks and adopt "acceptable norms of behavior in cyberspace."

"We have worked hard to build a constructive bilateral relationship that allows us to engage forthrightly on priority issues of concern," he said in a speech. "And the United States and China, the world’s two largest economies, both dependent on the Internet, must lead the way in addressing this problem."

The White House wants three things from China, said Donilon. First, China needs to recognize the problem and risk it poses to international trade, the reputation of Chinese industry, and overall foreign relations. Second, China should take serious steps to address these activities. Finally, there needs to be cooperation between China and the U.S. to establish a constructive dialogue regarding a set of rules to govern cyberspace.

Donilon's remarks follow statements by China's foreign minister, Yang Jiechi, who slammed allegations that China was involved in cyberattacks in the wake of the report released by Mandiant (PDF). The report details activities of a reputed Chinese hacking group, the company dubbed APT1 -- believed to be Unit 61398 of China's People Liberation Army.

China denies any connection to cyberattacks against America.

"Those reports may have caught the eye of many people, but they are built on shaky ground," the China Daily newspaper quoted Yang as saying March 10.

China's Ministry of National Defense has ripped the allegations as well, stating that China has never directly accused the U.S. government with being the source of attacks on China's military computers, even though "a considerable number" of them originate from IP addresses in the U.S. , the China Daily reported.

"Cybercapabilities have become intrinsically intertwined in most nation's offense and defense warfare postures," says LogRhythm CTO Chris Petersen, who called Donilon's remarks encouraging. "With the recently publicized evidence against China’s use of these capabilities for wide-scale cyberespionage, this issue has become front and center for most Americans. As a nation and a world, we are now forced to ask ourselves, 'What is acceptable use of these weapons -- in time of war and in time of peace?'”

One of the often cited dangers of cyberweapons is the prospect of the targets reverse-engineering the tools used against them and then launching them back at the sender. However Cedric Leighton, CEO of risk-management consultancy Cedric Leighton Associates and former deputy training director for the National Security Agency (NSA), says that risk can be mitigated by developers having "an antidote to the malware they create."

"The most recent statements by White House National Security Adviser Tom Donilon and other officials finally raise the discussion about state-sponsored hacking activities to the level it should have been at long ago," he says.

Despite the controversy, a Chinese foreign ministry spokesperson told the media in a news briefing Tuesday that China was willing to have a constructive dialogue about the issue "on the basis of the principles of mutual respect and mutual trust," Reuters reported.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.