CFR Presents

Asia Unbound

CFR experts give their take on the cutting-edge issues emerging in Asia today.

China Must Worry about an American Version of Shady RAT

by Adam Segal
August 6, 2011

One of the most widespread reactions to the revelation of Operation Shady RAT, the five-year-long hacking of over 70 organizations in 14 different territories, has been: how did this go on for so long without anyone knowing about it? Or to put the question in a more strategic context, why hasn’t the United States (or the West more broadly) told China to put a stop to this?

The answers fall into several categories:

  • Companies have either been naively ignoring the scope of the problem or are totally clueless about it. Or as Dmitri Alperovitch, the report’s author, put it: “I divide the entire set of Fortune Global 2000 firms into two categories: those that know they’ve been compromised and those that don’t yet know.”
  • Cybersecurity is broken and has been broken for a while. Cloud computing and the explosion of mobile devices have greatly complicated the problem. Traditional firewalls and signature detection cannot cope with the highly personalized attacks that the hackers behind Shady RAT and a host of other breaches used.
  • Companies do not want to anger China. When Google announced it was hacked in January 2010, it claimed “at least twenty other companies” were similarly targeted. No other company spoke up, probably because they did not want to draw Beijing’s ire and face problems doing business in the China market.
  • This has not been a priority for the United States government, either because it has other issues it wants to address with China (North Korea, revaluation of the RMB, Iran) or, stated baldly, because the Chinese own us. As Kevin Fogarty put it, “The U.S. could protest cyberattacks by sending a couple of aircraft-carrier groups to the China Sea for a little gunboat diplomacy, but it would be pretty embarrassing if China were to just repossess the whole fleet as partial repayment of the $1.2 trillion the U.S. owes it.”

Here is one additional possibility that I haven’t seen discussed. Maybe the U.S. has not called China on the mat before because it has been getting so much information from its own hacking of China. We know that Chinese networks are probably extremely vulnerable. The security researcher Dillon Beresford spent 18 months in computers belonging to provincial and central government agencies, universities, and the People’s Liberation Army. This BusinessWeek article describes companies that discover and sell unknown bugs to government contractors as a growing segment of the cybersecurity market. Those vulnerabilities are being used against someone.

The McAfee report describes the attacks as an “historically unprecedented transfer of wealth.” But maybe, at least until recently, the balance was tilted toward the United States. American hackers had steady access to important political and military secrets. Now that the scales are shifting, the two sides share a common interest in developing some agreed rules about state behavior in cyberspace. Or they just may decide to invest more in offensive capabilities, provoking an arms race.

3 Comments

  • Posted by Matthew Robertson

    I don’t understand Mr. Fogarty’s comment: “The U.S. could protest cyberattacks by sending a couple of aircraft-carrier groups to the China Sea for a little gunboat diplomacy, but it would be pretty embarrassing if China were to just repossess the whole fleet as partial repayment of the $1.2 trillion the U.S. owes it.”

    I understand that this is meant rhetorically–that the PRC couldn’t _actually_ repossess US aircraft carriers…. but apart from that, what is it trying to say? In fact, in the next paragraph of his article he talks about the towing and daily storage fee! If it’s a joke, it doesn’t make much sense.

    Also, what would the US have to gain from hacking China? What intellectual property does China have that the US doesn’t? One could find out a lot about how the CCP conducts domestic affairs, but is the US going to hack for that? Would such an operation not be subject to lots of bureaucratic hurdles in the US?

  • Posted by swoosh

    Or it could be because the US knows who is actually the culprit

  • Posted by John Hildebrand

    I have to believe that the US has broken into the Chinese security systems and is hacking its way through valuable information. No way would our intel community NOT be doing that. I just feel that we have a history of doing it longer than the Chinese so we aren’t getting “caught” so to speak, like the Chinese are.
