WASHINGTON—The United States is at the beginning of an era of cyberwarfare with China and several other adversaries, and needs to take vigorous actions to fight and win this war, two Justice Department (DOJ) experts said.
Referring to the national security threats in cyberspace the United States is facing, John Carlin, former assistant attorney general in the DOJ’s National Security Division, said: “We are at the beginning of this space. And we are still feeling out what red lines look like. But it’s begun.”
John Demers, assistant attorney general, National Security Division, said: “There is a lot going on in this space. Just keep your eyes open. We are not talking about history. We are talking about the present and the future.”
Demers shared some behind-the-scenes stories about some of the attacks.
“What they are stealing is not national secrets. It is things like email telling the pricing for a solar company, so they could price dump, right below what that solar company could bear,” he said.
“And then, to add insult to injury, after that solar company went bankrupt, and sued for unfair trade practices, they stole the whole litigation strategy out from under them.
“And we put together an attachment showing when this activity happened. From 9 a.m. in the morning, until around noon, it spikes. It decreases from noon to 1 p.m.: lunch break. It increases again from 1 to 6 p.m. It decreases overnight, on weekends, and on Chinese holidays.
“So the former prosecutor and I would say, ‘Circumstantial evidence: This is coming from China.’ ”
Demers said that in the last eight years, 90 percent of the DOJ’s cases alleging economic espionage involve China.
“There is an international norm, that is, the intelligence agencies [of] countries do not steal commercial and intellectual property. Period. We don’t do it.
“The reason I know that there is an international norm is that in the last eight years, 90 percent of the economic espionage cases we have charged involved one country, and that’s China. Which means the rest of the world isn’t doing it, either,” Demers said.
In a Senate hearing on “China’s Non-Traditional Espionage Against the United States: The Threat and Potential Policy Responses” in December, the People’s Republic of China was named as the greatest threat to U.S. economy and national security.
Indictments and Sanctions
Both Carlin and Demers said that, given the credibility of the U.S. justice system, indictment is a very good tool to tackle the problem, as it will let the American public know how serious the “code war” is.Another good tool is sanctions.
On April 1, 2015, Obama signed an executive order “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” authorizing targeted sanctions against individuals or entities whose actions in cyberspace result in significant threats to the national security, foreign policy, economic health, or financial stability of the United States.
However, Demers said that it was very frustrating that instead of abiding by the agreement, “some countries are providing a safe harbor, at best, to criminals, and worse, are working with those criminals.”
On Dec. 20, 2018, the United States charged two Chinese hackers associated with the Ministry of State Security in China with an extensive global computer-intrusion campaign carried out over more than a decade.
Demers said the significance of the case was that it was the first indictment against Chinese hackers after the Obama–Xi cyber agreement.
Demers said he hopes the indictment could lay a foundation for later groundwork for other agencies, so they could use their authority to shine a spotlight on this. It could also help members of Congress become aware of these activities.