Читать книгу The Russia-China Axis - Douglas E. Schoen - Страница 11

Оглавление

CHAPTER 3

Cyber Security: The New Battlefield

“I call it the Wild West, because you can be anywhere and do anything and be effective. . . . All you need is an Internet connection.”

—GENERAL WILLIAM SHELTON, COMMANDER OF AIR FORCE SPACE COMMAND1

“Cyber-networks are the new frontier of counterintelligence. If you can steal information or disrupt an organization by attacking its networks remotely, why go to the trouble of running a spy?”

—JOEL BRENNER2

“The problem is 1,000 times worse than what we see.”

—ALAN PALLER, RESEARCH DIRECTOR, SANS INSTITUTE3

“We have a national problem and it is significant. The next big issue will be a cyber 9/11. I’ve been sounding the alarm, and I’ve been doing this now for 20 years. We are going to have a cyber event that is catastrophic.”

—RETIRED VICE ADMIRAL MIKE MCCONNELL4

“It’s fair to say we’re already living in an age of state-led cyber war, even if most of us aren’t aware of it.”

—ERIC SCHMIDT, GOOGLE CEO5

The press called it “the shirtsleeves summit”: President Obama and Chinese president Xi Jinping meeting for bilateral talks in the unlikely setting of Sunnylands, an estate in Rancho Mirage, California, built by the billionaire Walter Annenberg. The beautifully landscaped grounds, at the intersection of Bob Hope and Frank Sinatra Drives, might encourage a more informal dialogue, Americans hoped, and build trust between the two leaders. And it seemed to be working: At one point, Obama and Xi talked privately for almost an hour as they sat in the shade on a bench made of California redwood—a personal gift from the president to his Chinese guest.

“The president had very good discussions in an informal atmosphere—uniquely informal atmosphere—with President Xi,” said Tom Donilon, Obama’s national-security adviser. “If you go back through studying each of the encounters between an American president and the leadership of China since President Nixon’s historic meeting in February of 1972 in China, I think the uniqueness and the importance of a number of aspects of this encounter really come to the fore,” he said.6

And the summit did produce some results: most substantively, an agreement to cooperate closely in pressuring North Korea to give up its nuclear program.

But on another issue—one with perhaps more “uniqueness and importance” than any other discussed—there was no progress between the two leaders. In fact, there was barely an acknowledgement, on the Chinese side, that the issue existed. This was the matter of cyber warfare and cyber hacking, which Obama had promised the American people he would make a top priority at the talks. The subject had become a flashpoint in U.S.–China relations: The previous fall, outgoing Defense Secretary Leon Panetta had warned of a possible “cyber Pearl Harbor” caused by computer hackers who were trying to bring down critical infrastructure systems.

Moreover, as Obama and Xi sat together in Sunnylands, the Edward Snowden affair was breaking in the media. The day before Obama and Xi arrived at the estate, The Guardian, a British newspaper, broke the story that the National Security Agency had obtained access to voluminous data from the systems of private Internet-based companies, including Google, Facebook, Apple, and others. It was all part of an undisclosed government program called PRISM, under which the NSA could collect data including search history, emails, file transfers, and Web chats.7 New angles kept appearing: The British equivalent of PRISM was Tempora, under which the British Government Communications Headquarters conducted massive electronic surveillance and freely shared their findings with the NSA. As an uproar began, the source of these bombshell findings unveiled himself: American Edward Snowden, a former CIA employee and, at the time, an “infrastructure analyst” for NSA contractor Booz-Allen Hamilton. Snowden made the disclosures from Hong Kong, where he had gone under the guise of receiving epilepsy treatment; once there, he spilled the goods on the classified U.S. government programs to Guardian journalist Glenn Greenwald.

That’s right—the most notorious national-security leaker in recent American history fled to China for shelter and protection. And, after the Hong Kong government rejected American pleas to extradite him, Snowden flew off to Moscow. There, he sheltered for weeks in the transit area of Moscow’s Sheremetyevo Airport—while Russian president Vladimir Putin, like the Chinese, refused to extradite him to the United States.

We’ll explore the Snowden case in more detail in our “Intelligence Wars” chapter, but its explosion into the news just as Obama was attempting to press China on cyber hacking and thievery could not have been more symbolic. The Snowden leaks exposing vital national-security programs, and the American failure to get him back for prosecution, represented a huge win for Russia and China—all the more so when Snowden, in effect, told the Chinese that we were spying on them, confirming their accusations against the U.S. The Snowden fiasco also mirrored the general ineffectiveness of U.S. efforts to confront its adversaries on the cyber issue.

Sitting with Xi at Sunnylands, Obama detailed a number of massive cyber attacks against American targets and made clear that the U.S. had no doubt they came from China. He warned Xi that Chinese cyber attacks would directly threaten the American–Chinese relationship, especially economically. But the president found Xi as immovable as Mao. Xi would protest only that China suffers cyber intrusions, too; he gave no quarter, made no admissions, and pledged no cooperation. Donilon, for his part, claimed that Obama had raised the issue with some force—Donilon made no mention of Xi’s response, which was unpromising. It was more of a one-way phone conversation than a negotiation.8

While Xi seemed tight-lipped about the subject, his actual message couldn’t have been clearer, and it was based in the most traditional kind of power politics: I’m going to keep doing what I’m doing because it benefits me, and because the price to you of trying to stop it is too high. In other words, China’s cyber war against the U.S. would continue.

Obama’s attempt to confront Xi came on the heels of stunning news reports earlier in 2013 that made clear the extent and sophistication of Chinese-based cyber attacks on every major aspect of American life—financial institutions, private-sector businesses, military systems, government servers, political groups, and infrastructure and power grids. These attacks have been going for years, but only recently has definitive evidence linked them to China. It is now undeniable that China is the leading global practitioner of cyber warfare.

However, the Chinese are not alone. Their Axis partner, Russia, also excels at cyber sabotage and aggressive technological attacks, though the Russians’ expertise takes different forms. Proof of Russia’s involvement in attacks on the American mainland has so far been lacking, but independent Russian hacker groups—if they really are independent of Moscow—have launched audacious, damaging attacks on U.S. and Western financial targets. The hacking of American retailer Target in December 2013, the largest of its kind in U.S. history—involving 40 million stolen credit card numbers—originated from Russian computers.9

Like Xi, however, Putin dismisses questions about cyber attacks, scoffing at the mention of “hackers” as if they were beneath his notice. And he maintains his denials that Russia was behind the sabotage that disabled Estonia in 2007 and Georgia in 2008, bringing havoc to these countries at a time when they challenged Moscow. The Chinese have attempted nothing on this scale to date.

Finally, there is Iran, which, remarkably, has launched what is believed to be the most destructive attack yet on a private-sector target: the “Shamoon” virus, which brought down 30,000 computers of the Saudi oil giant Aramco in 2012.

Cyber security may well be the ultimate battleground in our conflict with the Axis forces—cyber assault is the most immediate threat the U.S. faces, as well as the one we understand the least. Moreover, it is an area in which our key adversaries excel, in different ways. On this playing field, the power imbalances between America and the Axis are meaningless: In cyber war, the strength of your military and the size of your GDP and navy are irrelevant. What matters is whether you and your intelligence assets have the technological chops and the political daring to launch sophisticated attacks on the world’s only superpower. Russia, China, and Iran have already shown that they have all the capabilities and a good share of the political daring. They are defiant and unrepentant when challenged.

To be sure, from an offensive perspective, the United States has displayed its mettle. The U.S. possesses the most sophisticated cyberwar capabilities in the world, as it demonstrated in 2009, when the Stuxnet virus disabled the Iranian nuclear facility at Natanz. Washington denied responsibility, but most experts are confident that Stuxnet was an American operation. So are the Iranians, who launched the Shamoon virus at least partly in retaliation.

The issue for the U.S., then, is not whether it can launch effective attacks, but whether it can defend itself against them. For all the worries that Americans and their political leaders have about protecting the country against military or terrorist attacks, an invisible and virtual enemy could inflict far more extensive damage on the nation. The ball here, as elsewhere, is in America’s court: The intentions and behavior of its two primary adversaries could not be more consistent, confrontational, or transparent. It is past time that Washington got serious about the looming cyber catastrophe.

THE VULNERABILITY

Richard Clarke must be accustomed, by now, to giving dire warnings—and to being ignored until it is either too late or precariously close to being so. The man who spent the years before 9/11 warning, mostly in vain, about the threat posed by al-Qaeda eventually turned his attentions to cyberspace. In 2010, his book Cyber War, written with Robert Knake, described potential attacks of unimaginable scope, complexity, and destructiveness and laid out how the U.S. remains undefended. And, as he had in the years before 9/11, he sketched a graphic scenario:

The Russia-China Axis

Подняться наверх