An American cyber-security firm released a report yesterday that sent shockwaves through tech and national security circles. According to the company Mandiant, government-backed Chinese hackers have stolen data and intellectual property from 115 U.S. targets since 2006. Some of the companies targeted are involved in infrastructure that’s critical to the U.S., like the power grid and water works. We’ll examine the report’s findings, the possible threat to U.S. national security and what companies can do to protect themselves.

Dan McWhorter, managing director of the Intelligence Unit at Mandiant, the information security company that released the report on Chinese espionage
Richard Clark, security expert, former special advisor to President George W. Bush for cyber security, and author of "Cyber War: The Next Threat to National Security and What to do About It"
Martin Libicki, senior management scientist at the RAND Corporation, and author of the recent study "Cyberdeterrence and Cyberwar"
Dr. James Lewis, director of the technology and public policy program at the Center for Strategic and International Studies

  • Wilbur

    I don’t trust China, but I don’t trust the US military industrial complex either. So I want to find out who is behind Mandiant, and make sure it is not funded by or closely associated with the Pentagon. (They are in Alexandria, VA after all.) I also want to know who Mandiant’s clients are, and on what other companies’ boards Mandiant’s directors sit. Maybe if Mandiant were to pass muster I might take their security theatrics with a slightly less huge grain of salt, but I’m so tired of these parasitic security companies inventing new threats to justify bilking the US taxpayer for yet more billions of dollars, and I’m tired of the 1%’s stooges concocting new excuses and deploying hyperbolic what-if scenarios to support talk of restricting my Internet freedoms. If you don’t want the Chinese to hack into something, disconnect it from the Internet, you fools.

  • sailormike

    I’ve had two of my email accounts closed in the past two weeks, due to protective measures taken by email service providers. One email is a .edu address and the other is a .com address which I use for consulting. In one case, my .com name server was blocking by my .edu’s client’s name server requests because the .edu client was hacked and blacklisted at some unknown point in the past. It took two weeks before I was able to send email to my clients again, with both parties (my email provider and the .edu client) blaming each other for the problem. I lost many emails, time, and a lot of rapport with client.

    On Monday, my .edu address was immediately disabled as a preventative measure when I sent a email to my research group of 10 people with a legitimate linked to a Google Doc. That cost me another two hours and several phone calls to IT to get my email re-enabled.

    Death by a thousand cuts is an accurate description of how this is going to affect the US economy.

  • I wonder why the host and guests conveniently forgot to mention that US spies too. US also hacks computers in other countries, including China, as mentioned in Mandiant’s report. This topic seems more for certain special interests.

  • Livegreen

    There are numerous small & medium companies whose products are being copied and even sold sometimes under the same brand names. These companies simply can’t be expected to go to the WTO. So what’s the U.S. govt doing to SYSTEMATICALLY help U.S. companies? Anything?

    What’s the point of having a Commerce Dept and an International Trade Representative of they do NOTHING?

    By the time they react the businesses, IP and jobs will be long gone. This is costing real money and real jobs.

    • Wilbur

      The Commerce Dept only serves the big corporations.

  • best

    Economic espionage seems to be a government function in many countries such as Japan, France etc. Isn’t the US the aberration in the world in objecting to this conduct by foreign govt.
    Is Stuxnet an act of war against Iran?
    Aren’t we capable of tracing back an attack and at least destroying the attack server electronically?
    We can at least impose trade sanctions of some sort on countries caught in the act.

  • Marie Smith

    Why all the fuss? Does anyone honestly believe that the US isn’t carrying out exactly the same sort of espionage on China?

  • Guest

    I can’t believe I have to point this out on a program that originates near Silicon Valley. But it is necessary to remind the host and guests that they are committing the age old faux pas of confusing “hacking” and “cracking”. Hacking is not illegal! Cracking is. Wikileaks is neither hacking nor cracking…it is a mechanism for transparency. Please stop slandering hacker culture by assigning cracking activities to us.

  • baumgrenze

    Years ago my wife connected to HP servers from home. A ‘clumsy’ but effective random password was generated each time she connected. A number was sent from the server and a device on the remote computer was presented with it and in turn generated the password. If the ‘remote’ device was ‘hand held’ and truly remote from the network, wouldn’t this prove a stumbling block to access by a hacker? Isn’t it possible for this technology to be applied for ‘normal, in house’ access to corporate computers?

  • JS

    I was recently hacked while commenting on human rights issue on China. Naturally, at first, I thought I was hacked by China. However, I discovered that I was hacked by a pro-Japan
    hacker posing as a Chinese hacker. So happens, I had also just written comments criticizing Japan’s new Prime Minister Abe for going back on the Korean sex slaves history– something that the New York Times did also, just before coming out on the hackers openly. So it made me wonder if NY Times was indeed spied upon by China earlier, but some imposter-hacker made NY Times so infuriated, and timed it just before Abe’s visit to the United States today, so as to pump up GOP’s request for offensive arms from Obama. That’s just a natural question it you have discovered an imposter hacker like me.

    Given how infuriated I was at China at first, the experience made me ask for an added level of evidence when I hear about hacking from
    China. And the resulting is surprising.

    For example, the commentator interviewed claims that the attacks can be traced to China. However, I also saw reports on Hackers’ Conference consisting only of Caucasians. And the report states that the hacking route can go through several countries before reaching us. It would be very easy to steal another’s ID and then pose as a hacker from China, it seems. That seems to be a sure way for malicious hackers to avoid getting found out, because most investigators seem to be quite satisfied to stop probing once any evidence leads to China, from what I’ve been reading recently.

    Another example. I heard an academic talk about Coca-Cola being hacked while bidding to buy the biggest soft drink company in
    China. Coca-Cola thought the hacker was the company it was intending to buy looking for the highest bid it was willing to offer. So Coca-Cola called off the bid. That sounded like a complete investigation to me at first. However, after my personal experience, I found myself asking, who had the most to gain in hacking
    Coca-Cola at the time and caused it to stop the bid. The answer is not the company Coca-Cola was bidding to buy. They may gain nothing, if they were tough bargainers, and know how to strike the best steal anyway. The ones who stand the gain the most are the
    smaller soft drink companies that were deeply worried about being pushed out of business after these extremely powerful companies join hands. I don’t know if there are any anti-trust laws in China. I would imagine that area of law is poorly developed at best.
    In the United States, the smaller companies can ask a judge to block
    such a deal because it would stifle competition. However, in China, that’s not available, I’m sure; otherwise, we
    wouldn’t be hearing the news about the billions of wealth accumulated in a handful of well connected families in China.
    In other words, after my personal experience, I am open to think that
    some of these hackers were doing the same thing that other hackers do, believing, rightfully, or wrongfully that they were hacking to get somebody, including me, really angry at somebody they want everybody else to be angry at. It seems that the interviewee representing the firm hired by the NY Times were gathering allies to go after China even before being hired by the NY Times for years. It makes them at least, if not more vulnerable than myself, to be led to be angry at China by another non-Chinese hacker posing as a Chinese hacker.

    We’ve got to be smarter than that interviewee on Forum today.

    It seems that the presumption that the attack is China, without any need for careful scrutiny opens ourselves to be manipulated, to do exactly what the imposter-hackers want to mislead us to do. There is also a subtle country-focused assumption to at least one of the commentators. I have been made more aware of such overtones after being hacked by imposters of Chinese hackers!!

Sponsored by

Become a KQED sponsor