Snowden’s Leaks Cloud U.S. Plan to Curb Chinese HackingMichael Riley
The Obama administration’s strategy for confronting China over the theft of commercial technology has been battered by Edward Snowden’s disclosures of U.S. spying, leaving officials rushing to salvage a plan they crafted in secret over the past two years.
A public confrontation with China that appeared to erupt spontaneously this year actually coalesced after significant shifts in U.S. policy and years of internal argument, analysis and vetting, according to two people briefed on the plan who asked not to be identified because they weren’t authorized to speak on the matter.
Approved by top national security advisers and presented to President Barack Obama in a series of meetings in 2012 and early this year, the plan includes classified counterintelligence operations, the seizure of assets and even the possible indictment of Chinese hackers, those people said.
The U.S. already has privately provided China’s leaders with evidence it gathered linking the hacks of commercial companies to China’s intelligence agencies -- a risky demarche that exposed the methods of U.S. spy agencies tracking those activities, according to the two people.
While some elements of the plan are well under way, other parts were intended to be rolled out over the next several months to increase pressure on China’s leaders.
What the administration didn’t anticipate was that a disaffected American would expose some U.S. spying operations as it prepared for Obama’s first meeting with China’s new president.
Snowden, a former worker for government contractor Booz Allen Hamilton Holding Corp., disclosed top-secret U.S. National Security Agency programs that collect phone and Internet data. He fled to Hong Kong and then Moscow, as the administration has pleaded for his extradition.
With every twist in the global cat-and-mouse game with Snowden, the administration has to struggle to keep its plan to take on China over its hacking of commercial secrets from being upended by damaging publicity.
“It’s now going to be a lot harder to convince people in South Africa or Indonesia or Brazil that we are any different than the Chinese,” said Adam Segal, a specialist in cybersecurity at the Council on Foreign Relations in New York.
The question is how much of the plan remains effective and workable. The first test may come early this month, when U.S. and Chinese officials convene for the first time a working group on cybersecurity, including data theft.
China has portrayed itself as a victim of cyber-attacks, not a perpetrator, and called last month for international regulation under the United Nations.
On June 27, Yang Yujun, a spokesman for China’s Defense Ministry, said the U.S. had a double standard when it comes to cyberspying and that Snowden’s leaks of classified programs have revealed “hypocritical behavior,” according to Xinhua, the state news agency.
Some of the steps previously considered by the Obama administration may not be well-suited to the current environment.
Even if there is no chance of getting the Chinese into a U.S. court, an indictment of China’s hackers by the Justice Department’s national-security division had emerged as a way for the government to lay out evidence of how China is orchestrating the theft of global technology and industrial know-how. The prospective tactic was vetted over several months, said the two people familiar with the plan, and finally approved.
A person involved in that process said he believed that such a step now -- amid the furor over the National Security Agency’s cyber-espionage -- would lose much of its punch.
The same might apply to statements over China as a source of hacking made in the past five months by senior administration officials including National Security Adviser Tom Donilon, Defense Secretary Chuck Hagel and the president himself.
“You’re going to see a lot less public rhetoric for a while,” said Ellen Shearer, co-director of Northwestern University’s National Security Journalism Initiative in Washington. “It just opens them up for questions afterward about their own activity.”
Laura Lucas, a spokeswoman for the National Security Council, said the agency doesn’t comment on internal deliberations.
U.S. spy agencies, using some of the methods disclosed by Snowden, have tracked China’s hackers for more than a decade, according to secret diplomatic cables made available by the anti-secrecy group WikiLeaks. By 2011, a body of accumulated evidence pushed the administration to action.
A classified report by U.S. intelligence agencies in August 2011 showed the scope of China’s collection across dozens of industries, including the theft of valuable clean-energy technology and satellite engineering, as well as data on microelectronics, chemical manufacturing, conventional energy technology and more, according to a person briefed on the survey who asked not to be identified discussing its findings.
“The scale of their economic espionage against all countries, not just the U.S., is overwhelming, so large that it’s creating instability in the world,” said James Lewis, who specializes in cybersecurity at the Center for Strategic and International Studies in Washington. “They have to realize that this is not what normal countries do.”
Obama’s team formed an interagency policy committee focused on the cyberthreat from China, placing it within the National Security Council and pulling in experts from the FBI, the State Department, the Treasury Department and intelligence agencies.
Interagency policy committees, or IPCs, are the workhorses of national-security decision making and signal the importance placed on emerging threats. Among the task forces developed during President George W. Bush’s administration were IPCs on pandemics, maritime security, and biodefense, according to a 2011 report by the National Defense University. The list of Obama’s IPCs remains classified, the report said.
The sensitivities of the U.S. relationship with China and its role in global trade made the work of the task force especially difficult. The option of placing trade sanctions on goods made with stolen technology -- an idea now popular in the U.S. Congress -- was debated for months before it was jettisoned by the group as unworkable, the two people briefed on the private deliberations said.
Thick dossiers on individual hackers and their organization already have been compiled. Indictments could include military personnel or private contractors and civilian employees, depending on the desired impact, according to a person familiar with the intelligence.
Some elements of the plan already have been put in motion, including providing China’s leaders with clear evidence that the cyber-attacks were aimed at acquiring advanced commercial technology. Because that option risked compromising some U.S. intelligence sources, it was carefully vetted by top national security officials before being approved last year, according to the two people briefed on the process.
The move was seen as important in order to undercut China’s repeated denials and kick-start discussions on putting private companies off limits to state-sponsored hacking, which is among the U.S. goals for the upcoming talks, the people said.
Snowden’s leaks may have made other elements of the plan less risky, two U.S. officials said. Disclosures that the U.S. had hacked into China’s Internet backbone as well as specific computers has compromised those sources, letting the U.S. reveal information gathered from them.
The result, Lewis said, is that Obama can now decide “when to deploy a measure and what measure to deploy that won’t blow up the relationship but will get China’s leaders to take this seriously.”
Not all elements of the plan hinge on the public’s view of the U.S. role in cyberspace as less threatening than China’s, although some do.
Applying multilateral pressure to hem in China’s leaders is a significant part of the strategy, and the U.S. scored a recent success when a UN working group found in early June that international law and the protection of intellectual property applied in cyberspace.
“The White House has made a terrible error in failing to distinguish all along industrial espionage from political-military stuff,” said Joel Brenner, who was the head of U.S. counterintelligence under Bush and Obama. “They’re trying to make that distinction now, and nobody’s listening.”
Officials involved in the debate say that after the uproar over Snowden’s leaks passes, many of the fundamentals of the U.S. case -- and the administration’s plan -- will remain the same.
“This is a long-term problem, and it’s not something to be solved overnight either,” said Michael Daniel, the most senior cybersecurity official in the White House.
The model is the engagement with China over how to curb the proliferation of weapons of mass destruction, an effort that took years to bear fruit, Lewis said. The real discussions will occur behind closed doors, not in public view.
“The Chinese will try to get as much leverage they can get out of Snowden,” Lewis said. “But in the actual talks it doesn’t give them a lot to stand on.”