Cybersecurity

China's cybersecurity fears sound very familiar

In China, fears of U.S. mirror American fears of China

I’ve been traveling in China lately, and I came across a fascinating article that tells us a lot about Chinese perceptions of cybersecurity issues — and something about the human psyche as well.

China has been the focal point of many U.S. cyber fears. We are concerned about our vulnerability to attacks — not only on government databases but also on our electrical grid and financial system — and many articles have highlighted the threat from China. Many Americans also fear that the government’s use of software created in China and other nations creates a risk that programmers could embed code that allows foreign intrusions into U.S. military databases.

In that context, the article I came across in the English-language China Daily was an eye-opener. The title was “China at the mercy of global hackers.”

Early in the article, a Chinese academic expert on cyber warfare said: “In a worst-case scenario, a security breach could result in the breakdown of the energy supply and collapse of the financial system, not to mention a collapse of the national defense capability.… The capability to defend China’s information and cybersecurity is extremely weak, and many of its online applications remain vulnerable to assault.”

The article further reported that a think tank report had “warned the country’s ‘cyber sovereignty’ had been put in jeopardy by the domination of foreign investment in the local Internet industry.” The think tank report cited Microsoft’s decision to disable its MSN instant messaging service in five countries for political reasons as evidence that “alien involvement” in China’s Internet services “could put the nation’s security at serious risk.”

Finally, the report states, President Barack Obama’s efforts to “find back doors into the digital fortresses of potential enemies” could pose a risk.

In other words, it sounds like China is afraid of the United States in about the same way the United States is afraid of China.

Some might chalk the article up to a fiendish disinformation effort, trying to lull us into a false sense of security. I find that view implausible. Instead, I chalk it up to a human tendency — first noted by the distinguished Harvard political scientist Sidney Verba — to engage in power denial, the human perception that we are weak, while our enemies are 9 feet tall.

During that same trip to Asia, I listened to Chinese people tell me they are afraid that if they put too much pressure on North Korea, the government will fall, precipitating a South Korean takeover of the north that would put a U.S. ally on the Chinese border. Meanwhile, South Koreans have told me that if North Korea collapses, they are afraid China will take over North Korea, putting it on the South Korean border.

China might look like a threat to our cybersecurity, and we feel unprepared. But they feel the same way about us.

About the Author

Kelman is professor of public management at Harvard University’s Kennedy School of Government and former administrator of the Office of Federal Procurement Policy. Connect with him on Twitter: @kelmansteve

The 2014 Federal 100

Get to know the 100 women and men honored this year for going above and beyond in federal IT.

Reader comments

Thu, Jul 9, 2009 Esteban Grozny Tucson

Just a follow-up to my last post re Mr. Kelman's article: the 4-July-09 issue of Newscientist posted an article that someday soon (if not yesterday) a savvy techie in one of the Asian chip factories can (because of the increased complexity of the circuits) plant Hardware trojans/viruses that could (on command or after a specified time) either malfunction or execute some set of malicious commands. Years ago the Chinese claimed that they had to develop their electronic inducstry so that the West could not do that to them. Today, due to the lack of foresight on the part of our profit driven electronics industry the west has to find out how to protect itself form that very eventuality. Isn't short-sighted capitalism wonderful? P.S. Security expert Roger Grimes recently said that fears of such things were irrational because why would a supplier destroy their best customer. And the answer is because they can and in that way take over the world without having to destroy any real estate, no radioactive debris to clean-up, just pack the losers off to re-education camps where they can work -off their 'sins'.

Fri, Jul 3, 2009 Jim Wright Washungton DC

Mis-information and denialability to the extent the author refers to is not only plasable, but is a well acknowledged tactic that much has been written about - even by the "thought leaders" of the PRC/PLA info warfare efforts themselves, AND published in English out available on the web by the same. This tactic is also nothing new - it has been employed in warfare and geopolics since the begining of time. The Chinese people may buy this or believe this, but certainly their government, military, and the Chinese Communist Party know better. For a real eye-opener, get a copy of Decoding the Virtual Dragon, by Timothy Thomas - this book discribes this stratigem and efforts, by the leaders of the PRC/PLA info warfare efforts in their own words. This book is from his efforts for the U.S. Army out of Ft. Levenworth and is not classified.

Fri, Jul 3, 2009 China Audit

A great majority of the pings, probes, scans and brute force attacks that hit my firewall are from China. They speak softly, and carry a big arsenal of metasploits.

Thu, Jul 2, 2009 Esteban Grozny Tucson, AZ

I just read a post that an IT specialists HOME router was reporting in excess of 90% IP pings from Chinese domains and then this attempt to ally our fears about such attacks because the Chinese fear sijilar threats from the West. The fact that an article appears in the english version of China Daily (a state-run media outlet) reporting on fears that the West (US) is out to subvert Chinese electronic infrastructure does not mean that the Chinese are innocent of these attacks. It just means that Mr. Kelman fell for their propoganda. Recently, a security professional also stated that claims of Chinese attempts to put 'sleeper destruct/trojan code' (that could be activated on command during a conflict) into the HW was also a misguided attempt to fault innocent Chinese suppliers. To me the firewall data not an article in a state controlled media tell the truth.

Thu, Jul 2, 2009 Steve Kelman

The link for this specific article is
http://www2.chinadaily.com.cn/china/2009-06/17/content_8291230.htm.

The general website is www.chinadaily.cn.

Show All Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Please type the letters/numbers you see above