Join our Mailing List

"As long as human rights are violated, there can be no foundation for peace. How can peace grow where speaking the truth is itself a crime?"

US goes public with spying frustrations

November 7, 2011

November 3, 2011 Financial Times

By Joseph Menn in San Francisco and Geoff Dyer in Washington

In accusing China and Russia of conducting widespread and effective
economic espionage against America, the US intelligence establishment on
Thursday brought into the public domain what many in government, the
private sector and the media have been saying for years.
The 31-page document directly blames the governments of the two rival
powers for campaigns to steal American technology, reflecting what
analysts said was a deep feeling of frustration at being unable to stop
the spying through either diplomatic talks or technological defences.

The incidents mentioned in the report include the attack on Google’s
network in 2010, where the company later claimed part of its source code
may have been taken, and a 2011 study by McAfee that described an
intrusion it called “Night Dragon” which took data from the systems of
energy companies and which was traced back to an address in China.
It also lists the cases of three ethnic Chinese employees of American
companies who were arrested for stealing proprietary information which
they had allegedly planned to sell to new employers in China.
The incidents described in the paper released to Congress had been
reported previously in isolation, yet at the time government officials
refused to assert on the record that they were part of major strategic
thrusts, especially by China.
Officials had kept quiet so as not to jeopardise ongoing negotiations or
to reveal exactly what they knew about specific Chinese actors and their
methods. Most companies that have been victims of such cyber-spying have
also sought to avoid putting the blame on China.
Google was a rare exception, when in January of last year it linked an
intrusion it suffered to China. The company, which has vested voting
control in just three individuals, partially withdrew from the country as
a result.
“We believe that more information sharing and dialogue around security is
a positive trend for the industry. This is a topic that people should take
very seriously,” Jay Nancarrow, a Google spokesman, said on Thursday.
But even as an understanding of the pattern has become more prevalent,
other companies have declined to follow suit. RSA, the security company
owned by EMC that admitted a breach earlier this year, blamed an unnamed
government, though people familiar with the case said it was obviously
Even big technology security concern McAfee, now owned by chipmaker Intel,
has pulled punches. A report it issued in August documented a spying
effort that targeted defence contractors, nonprofits, manufacturers and
Olympic committees noted that the evidence pointed to one country, but did
not say which. Both EMC and Intel do substantial business in China and
were reluctant to offend their hosts and business partners, according to
people briefed on internal discussions.
Many companies do not disclose breaches at all, the new government report
observes. They are often unaware of what has occurred, or lack the ability
to pin the thefts conclusively on one group of actors. In other cases,
they fear adverse customer and investor reaction.
One security expert said increased openness was the right thing for
customers and shareholders. But he said he did not know what it would mean
for the US relationship with China. “I just don’t know the end game,” he
said. “Possibly it even helps China to be a more responsible world power.”
The Google incident last year contributed to a sharp deterioration in US
relations with China, which also included disputes about US arms sales to
Taiwan, Tibet and climate change. While some of these disagreements have
been patched up this year, the public accusations in the report run the
risk of fanning new diplomatic tensions.
Indeed, the Chinese government wasted little time in denouncing the
report. “China’s economic development and prosperity is the result of an
effective national development strategy and the hard work of the Chinese
people,” a spokesman for the Chinese embassy in Beijing said. The
allegations in the report were “unwarranted and irresponsible”.
A western government official added: “This report is very direct and
unusual in its tone. This issue is very sensitive and Russia and China
have not responded well when people have tried to make these accusations
in the past.”
While the report attempts to demonstrate a pattern of behaviour behind
individual acts of internet espionage, it admits that it is difficult to
conclusively prove that they were all government-directed. Indeed, the
evidence against Russia in the report is relatively thin, with one of the
few specific cases being the much-derided spy ring that was arrested last
year. Intelligence experts say that it is almost impossible to get a
perfect “smoking gun” of government involvement in such cases.

CTC National Office 1425 René-Lévesque Blvd West, 3rd Floor, Montréal, Québec, Canada, H3G 1T7
T: (514) 487-0665
Developed by plank