Published February 19, 2013
WASHINGTON – Obama administration officials said Tuesday they have "serious concern" with China's alleged cyber-snooping and are raising the issue "at the highest levels" in Beijing, on the heels of a report that claimed China's People's Liberation Army had stolen data from 115 U.S. companies over a seven-year period.
U.S. officials would not comment directly on the report. But they said the U.S. is bulking up its cyber-defenses while stressing a new -- albeit controversial -- White House executive order aimed at helping protect computer networks of crucial American industries from cyber attacks.
State Department spokeswoman Victoria Nuland stopped short of saying whether the U.S. was in a cyber-war with China.
But she and White House Press Secretary Jay Carney said U.S. officials have started a dialogue with the "highest levels" of the Chinese government, including with "officials in the military."
"It is a major challenge for us in the national security arena," Carney said, adding that it is known that foreign countries and companies "swipe" sensitive U.S. information.
Pentagon spokesman George Little also said the U.S. is a "victim of cyber-attacks from various places around the world," and continues "to shore up our cyber defense which this department is doing."
He acknowledged that "cyber threats do emanate from China."
The comments come on the heels of allegations made Monday that a group linked to the Chinese government has been hacking into the online accounts of U.S. businesses. U.S. firm Mandiant Corp. said in a 74-page report that the group affiliated with China's People's Liberation Army had stolen data from 141 companies, 115 of which were in the U.S., over a seven-year period starting in 2006. While Mandiant didn't name the specific companies that were hacked, the report did say those targeted included information technology, aerospace and energy companies.
Stolen information includes details on the proprietary process in some companies, blueprints and contact lists, according to the report.
In recent weeks, many news organizations -- including The Wall Street Journal which is owned by the same company as Fox News -- have said they were the victims of Chinese hackers.
Speaking at a daily news briefing on Tuesday, Chinese Foreign Ministry spokesman Hong Lei denied the latest accusations and questioned the report's credibility.
"Cyberattacks are anonymous and transnational, and it is hard to trace the origin of attacks, so I don't know how the findings of the report are credible," Lei said.
But the threat from China and other countries has already been setting off alarm bells in Washington.
During his State of the Union address on Feb. 12, President Obama acknowledged America's growing threat from cyber-attacks without mentioning China by name.
"We cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy," he said.
Last week, Obama signed an executive order aimed at helping protect computer networks of crucial American industries from cyber attacks. His order calls for the development of voluntary standards to protect the computer systems that run critical sectors of the economy -- such as transportation and banking industries. His order also directs the country's intelligence and defense agencies to share classified threat data with those companies.
James Lewis, senior fellow at the Center for Strategic and International Studies (CSIS), said there's a "range of measures" the U.S. could take to address the rash of cyber-attacks.
"That includes diplomatic efforts first," he said. "That could mean sanctions with other countries like Britain, France, Germany, India and Australia which have all been targets of cyber-espionage by China."
Or, Lewis said, the U.S. could begin to restrict visas for Chinese researchers or expel attaches.
"There is this myth that the Chinese have some sort of power over the U.S. but that's not true. It's a symbiotic relationship," he said.
Lawmakers were beginning to respond to the report late Tuesday.
Sen. Dianne Feinstein, D-Calif., called the latest allegations a "sobering public report on the lengths to which the Chinese military has gone to infiltrate and hack American companies" that "demonstrates the need to pass cyber security legislation as soon as possible."
She also called for a "binding international agreement among nations to prohibit cyber crimes and attacks with a workable enforcement mechanism."
Congress has been struggling for years to reach a consensus on cybersecurity legislation.
Democratic Sen. Jay Rockefeller, D-W.Va., is sponsoring legislation to fight cybercrimes and combat threats to critical infrastructure such as power grids and water supplies. Last year, Rockefeller was one of four co-sponsors of a Senate cybersecurity bill that was ultimately defeated by the GOP, privacy advocates and business groups.
Rockefeller, the chairman of the Senate Commerce Committee, started writing letters to the heads of Fortune 500 companies asking them to describe their companies' cyberattack readiness. It is not known whether anyone responded.
The Associated Press contributed to this report.