from the Italian edition of the MIT Technology Review
For the past few years, the American government has kept a balanced attitude towards China. On the one hand, it recognizes China’s role in the international arena as the world’s second largest economic power. On the other hand, for various reasons, the US contests some of its behaviors that are sensitive for the American public, like the general theme of human rights (freedom of speech, travel, etc.), or the more specific “social dumping” that has caused the migration of so many jobs from the US to China.
These subjects have been a recurring theme in every bilateral meeting between the two countries, so much so that the American delegates feel that it is their duty to bring them up each time, even if they are fully aware of the sterility of their message. They have always done it, sure of the unanimous consent from the home front.
A unique case has come up in recent times, however, and it involves the online world, a subject that has always been of particular interest for our magazine. We have already written at length, around the time of the Arab Spring, about how the Chinese government was able to block anti-governmental messages at their source, and how they were able, by borrowing a typical marketing trick from the Americans, to turn the online furor over the messages from Cairo and Tunis to their favor. But it all comes back to the same fundamental issue of limits on freedom of information, which seems intrinsic, albeit certainly not shared by a democratic point of view, to the maintaining of the political stability that is so important for the growth of an enormous complex like China.
The unique case that we have been hearing about lately is one of industrial espionage via the Internet where, differently from recent past, American commenters and public opinion are deeply divided, so much so in fact that the parent company of this publication found itself in the middle of a debate it probably was not expecting.
A recent article out of Cambridge reviews a 60-page report by the American cyber security company Mandiant in juicy detail. The report explains how APT1, a Chinese institute in Shanghai, has been penetrating the confidential communications of large companies in order to steal their industrial secrets. The damage is estimated in the hundreds of terabytes of sensitive corporate data from 141 companies dating back to 2006, including Tencent, a company that designs software for controlling energy infrastructure, raising the stakes to cyber terrorism.
Mandiant’s report came just one week after President Obama’s announcement of a new national commitment to protect the United States from cyber assaults aimed at stealing industrial secrets and undermining infrastructure. A few days later The Economist wrote about the Mandiant report and used the occasion to rebuke China and urge it to correct its behavior.
The article in the US edition of the MIT Technology Review, however, noted an odd detail from the Mandiant report, calling attention to the fact that the “thefts” had been occurring without any attempt at hiding their provenance. The report questioned how it could be possible that the operators behind the attacks were so unprofessional. Mandiant, in fact, sustains that APT1 is part of Unit 61398 of the People’s Liberation Army and is engaged in a campaign of industrial espionage to help Chinese companies gain an advantage by stealing secrets from their western counterparts. Companies in Canada, the United Kingdom, South Africa, and Israel have also allegedly been targeted. However, the fact that the aggressors didn’t bother to hide their IP addresses casts doubt on the possibility of the PLA being behind APT1’s actions, since the Chinese Army’s cyber capabilities are widely considered to be very good.
The report is certainly very interesting, but even more interesting is the fact that not all of the comments on it were negative towards the Chinese. In fact, there was even some criticism of the report, ranging from an analysis of the report’s errors to disparagement of MIT’s magazine for publishing the report without performing due diligence.
Even more interesting again is that an authoritative source like Bloomberg Businessweek Technology Insider denied that the cyber crime originated from China only a few days later, writing that the real culprits are Eastern European, building on the already established link between Belarus and the computer virus attack on Iran’s uranium enrichment program. Bloomberg’s account begins at the Barcelona Conference, where the largest Internet companies of the world (Microsoft, Apple, Facebook, Twitter, and co.) shared their stories as victims of cyber crime.
Identifying the penetration method, a so-called waterhole attack, the theory of China’s involvement was replaced with the idea that Eastern Europeans and the Russian Mafia could be the ones responsible. The goal would have been purely commercial: stealing secrets not to advance a country’s technology sector, but to sell them to the highest bidder, wherever they may be.
What is happening? Do the great Americans of the Internet see China with a different eye than the recent past, when Google fought bitterly with Beijing, or should we consider a different account than the simplistic scenario of China stealing technological secrets for their national interest? Maybe China has nothing to do with it, or maybe APT1 is a purely commercial operation and not one of “national industrial policy.” For the moment, both theories reside in the realm of science fiction politics, but it is worth our while to remember and compare them to gain valuable insight.