Google’s woes in China are a warning shot in the new Cold War of our time — the fight for dominance of cyberspace. It’s a conflict the United States can’t afford to lose.
Start by realizing that Google’s decision to leave China was about far more than censorship. For the past year, Chinese government hackers have been trying push their way into Google’s operating system. In recent attacks, they may have abused Google to access computers of some 200 US companies. That is, hacking Google gives China access not just to personal data about Chinese dissidents but any number of Americans — and a portal to probe deeper into our nation’s Internet defenses.
The Chinese have been on this case for a long time — since 1999, when their military first adopted cyberattacks as a key to its overall strategy.
Every day, 6,000 hackers for the People’s Liberation Army steadily look for ways to disrupt, disable and disarm America’s most vital cyber links and systems.
In 2007, Chinese hackers got into the secretary of defense’s e-mail system; 1,500 separate Pentagon communication networks had to be shut down. That same year saw what some call the Pearl Harbor of cyber attacks, as someone (almost certainly the Chinese) penetrated the Pentagon, State, Energy and Commerce Departments and ran away with enough data, much of it sensitive, to fill every bookshelf in the Library of Congress.
Last October, our Defense Department opened its first Cyberwarfare Command center at Fort Meade. It’s a long-overdue signal that we are finally going on the ‘Net-offensive.
But Cyber Command still doesn’t have a permanent home. And the fact that the Pentagon has hired a firm specializing in “ethical hacking” to train its cyber warriors suggests we still have a long way to go.
Howard Schmidt, appointed in December as President Obama’s White House czar on Internet security, doesn’t even like the word “cyberwarfare.” He calls it “a terrible concept,” because it implies someone can prevail over someone else in a full-out conflict to see who can crash whose networks fastest, when “there are no winners in this environment.”
Former Director of National Intelligence Mike McConnell disagrees. He says flatly that we are in a cyberwar with an array of foreign powers, including al Qaeda — and we’re losing.
That conflict is rapidly going beyond the problem of protecting secure data from hackers. It involves distracting, disrupting, disarming and dominating the networks essential to a nation’s defenses, even its day-to-day functioning — everything from satellite communications and military command and control to banking, air-traffic control and the power grid, including nuclear power plants.
Assassin’s Mace is the Chinese code phrase for a no-holds-barred scenario involving hundreds of hack attacks on US communication networks, military and civilian. Russia deployed such an attack in 2007 on Estonia, knocking out ‘Net access for government, media and banks for two weeks — leaving the Baltic nation stranded in cyberspace.
The Pentagon has been fighting a desperate defensive battle against foreign hackers for years. Its networks, including the SPIRNET classified-internal communications system, are exposed to 360 million attacks a year — and the military’s Global Information Grid gets attacked 3 million times every day.
And every day al Qaeda tries to disrupt our military’s ability to communicate with its Predator drones operating in Pakistan and its anti-IED robots in Afghanistan — even to turn them around against our own troops.
The Pentagon’s trying to upgrade to a more systematically aggressive and strategic approach. But it’s an uphill fight for several reasons:
* We have more to lose. Our nation, including its military, is more netcentric than many of our antagonists, both present and future, and more dependent on secure data and cyber networks. This means resources naturally get directed more to cyber security than cyber strategy — and more energy to preventing our systems from crashing, instead of aiming to crash theirs.
* Hacking is a long tedious hit-and-miss process, involving failure far more than success. The more hackers working 24/7, the more likely they will find vulnerabilities. Our military and intelligence services need to bring our effort up to at least the Chinese army’s 6,000.
* Progress has been slowed by concerns, not always unreasonable, that techniques developed to shut down Iranian or Chinese military assets over there might be used to violate privacy here at home.
* The Chinese are simply hungrier than we are — still a distant second in terms of military hardware and sheer strategic power. Like the Germany army in the ’30s, they’re making up for their still-slender hard resources by developing doctrines like Assassin’s Mace — which just might be the Blitzkrieg of the future.
When World War II broke out in 1939. France had more and better tanks than Germany. But the Germans were trained to use them aggressively as the key to victory, while the French were still shoring up their Maginot Line. The Chinese are busy training their next generation of cyber Rommels and Pattons. We need to be doing the same, and soon.
Arthur Herman’s most recent book, “Gandhi and Churchill,” was a finalist for the Pulitzer Prize in 2009.