recommended reading

U.S. should get tough with China over cyberattacks, experts urge

China's Minister of National Defense Gen. Liang Guanglie and Defense Secretary Leon Panetta appeared together last week in Washington.

China's Minister of National Defense Gen. Liang Guanglie and Defense Secretary Leon Panetta appeared together last week in Washington. // Manuel Balce Ceneta/AP

After China’s visiting defense minister denied American accusations that his country is behind a growing wave of cyberattacks aimed at the United States, 79 percent of National Journal’s National Security Insiders said Washington should take a tougher public stance and push Beijing on the issue.

The denials from Gen. Liang Guanglie, speaking alongside Defense Secretary Leon Panetta at a news conference earlier this month, contradict warnings by U.S. officials that the cyberattacks from China have become a serious economic and national security threat.

Considering the damage caused by those attacks, one Insider said: “China’s cyber-aggression cannot go unanswered or ignored, as it so often is.”

Given the Chinese government’s control over Internet access in the country, assertions that it has no control over cyberattacks emanating from its territory are “laughable,” one Insider said. “The U.S. government should push back—and push back hard.”

Such pressure would be long overdue, one Insider said. “The U.S. intelligence community very publicly acknowledged [China]’s cyberespionage and attack activities ... yet hasn’t demonstrated the political will to dissuade, deter, or compel them from continuing. If not addressed, what’s the disincentive for China—or any other country reading into the tea leaves—to stop or even escalate?”

Another Insider noted that cyberattacks are not only the new form of espionage, they are a new form of warfare. “The U.S. must take a tougher public stance against Chinese and other hackers and develop the strategies and defense mechanisms to make such attacks more difficult. We should also reserve the option to respond in kind to cyberattacks affecting our critical infrastructure.”

Another 21 percent of those polled said public confrontation would be counterproductive in Beijing’s case. “Behind-the-scenes diplomacy aimed at increased cooperation and confidence-building will yield some progress over time,” one Insider said.

“Come on, does anyone really believe that the [National Security Agency’s] Cyber Command is not doing the same or worse to China?” another Insider asked. “Cyber war/defense is the next giant gravy train for the obese security-industrial complex, hence all the overblown hype.”

Insiders were more evenly divided when asked if the threat posed by al-Qaida has changed in the past year. 

Though the Obama administration reports that it has crippled al-Qaida, U.S. intelligence officials recently helped to thwart the second attempted bombing of an American-bound airliner by the Yemen-based group al-Qaida in the Arabian Peninsula. A slim majority of Insiders (51 percent) said the threat from al-Qaida-inspired attacks has remained about the same since Osama bin Laden was killed in a U.S. raid of his compound in Pakistan last year.

“The threat is still out there, but it has changed, becoming more dispersed,” one Insider said. “While the capacity for large-scale attacks has probably declined, the overall threat has remained about the same.”

Al-Qaida is definitely not crippled, but the United States’ ability to mount difficult intelligence operations against it appears to be far better than it was 10 years ago, one Insider said. “As always, the key to defeating terrorism will be in fixing the social conditions (high unemployment, illiteracy among others) that spawn it.”

Another 42 percent, however, said the threat has declined. An Insider noted that drone and other strikes — based for the most part on cooperation with friendly intelligence services — have decimated Qaida leadership, disrupted scores of operations, and demoralized remaining fighters.

“The Arab awakening also helps, by offering an alternative way for young Arabs to take action to oust corrupt autocrats. Stemming [the] long-term terrorist threat requires skillful diplomacy to enhance ties with friendly leaders while supporting peaceful political evolution,” the Insider continues. “Aggressive intelligence operations will remain vital to snare miscreants. The role for U.S. military support to counterterrorism will diminish.”

Only 7 percent of the Insiders surveyed believe the threat has grown. “We have serious problems in Yemen; al-Qaida is active in northeast Africa and south of the Sahara. In other words, its franchises are thriving,” the Insider said. “We have a long-term challenge that we cannot ignore.”

Read the rest of the survey results at the National Journal

Threatwatch Alert

Credential-stealing malware / User accounts compromised / Software vulnerability

Android Malware Infects More than 1M Phones, Adds 13,000 Devices a Day

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.


When you download a report, your information may be shared with the underwriters of that document.