Taming cyber-dragon
• The Washington Post
This is an archived article that was published on sltrib.com in 2013, and information in the article may be outdated. It is provided only for personal research purposes and may not be reprinted.

Three major U.S. newspapers — The Washington Post, The New York Times and the Wall Street Journal — reported recently that Chinese intruders hacked into their computer networks, snooping for passwords and information about coverage of China.

The intrusions at The Times and the Journal coincided with an extraordinary period in recent months, during which China's leaders and their extended families were shown by investigative newspaper reports in the papers to have amassed huge fortunes and one of China's most prominent politicians, Bo Xilai, fell from grace in a corruption scandal.

China denies carrying out cyber-espionage, theft and disruption. But there is a growing amount of evidence that it is behind one of history's great heists of intellectual property, a vast and multi-tentacled collection drive aimed at corporations, the U.S. government, universities, stock exchanges and think tanks, among others. The newspapers are only the latest example of companies that found footprints of the Chinese cyber-dragon in their corridors.

China's motivation in economic espionage is to steal technology that will help leapfrog generations of development; going after the military and newspapers is more like classic spying. The U.S. government spies on China, too, although U.S. intelligence agencies do not steal technology for the private sector.

All of this raises a question: How should the United States respond? In the absence of action by Congress, President Obama has just issued an executive order intended to help the private sector defend against cyberattacks by China and others. But discussions with China itself have gone nowhere. The time is ripe for something stronger. In an interview with reporters before leaving office, Secretary of State Hillary Rodham Clinton said that the United States must make it clear to Beijing that there will be consequences for unbridled hacking.

Cold War-style arms control treaties are probably not workable in cyberspace, where attacks unfold at lightning speed and at the hands of hard-to-find hackers. But the United States could begin to speak more firmly to China's leadership about the problem, perhaps threatening to deny visas or expel those found to be involved in economic espionage. If a little pressure does not succeed, the United States could ponder more aggressive options, such as whether to launch offensive cyber-assaults to preemptively disarm adversaries. That would be delicate and risky. As Clinton noted, this "can become a very unwelcome and even dangerous tit-for-tat that could be a crescendo of consequences, here and around the world, that no one wants to see happen."

China is no longer the poor and isolated nation of Mao's day. In cyberspace, it must behave like a global economic superpower and not like a petty pickpocket.