Last year, China's top Internet security official said he has "mountains of data" that serves as proof the U.S. government is conducting hacking and cyber espionage aimed at China. The world’s most populous country made the accusations a week after the Washington Post published an account of how U.S. military secrets were obtained by hackers from China, including advanced weapons systems such as the Navy’s rail gun and the F-35 joint strike fighter program.
When both leaders met, Obama told Xi that the U.S. government will consider Beijing responsible for any cyber attacks launched from Chinese soil and must take more action to curb high-tech spying, according to White House officials. It is estimated that China steals as much as $300 billion worth of intellectual property from the United States each year.
“We have mountains of data, if we wanted to accuse the U.S., but it's not helpful in solving the problem,” said Huang Chengqing, director of the National Computer Network Emergency Response Technical Team/Coordination Center of China, known as CNCERT.
“With all of our openness, the [U.S.] would be a sort of great target – a great deal of information about our infrastructure is currently accessible via the internet,” says Kate Brew of Ziften, a network security firm. “We might want to reevaluate all that openness, since the [U.S.] does tend to be historically willing to get into all-out war, in which case we would be at a disadvantage on the cyber front. In addition, we are extremely dependent on advanced technology, making us more vulnerable and interesting to attack.”
Protecting America’s cyber data and networks is proving to be a monumental task for Washington. For instance, Obamacare mandates hospitals and government agencies to transition to electronic health records (EHR) by 2014. However, most clinics and healthcare institutions have not yet complied with the EHR requirements and experts believe the government will simply keep providing extensions.
To protect an organization’s network, Ziften advises clients that their security software should be properly working. The Texas-based company also granular analytics to identify abnormal activity and terminate suspect processes in real-time. “Removing BHOs eliminates unnecessary cloud app traffic . . . that could be from malicious attackers and/or through general data leakage,” according to Ziften’s website.
According to CNCERT, 4,062 U.S.-based computer servers have recently hijacked 2.91 million mainframe computers in China. In May 2013, designs for more than two dozen major U.S. weapons systems were reported compromised by Chinese hackers such as designs for combat aircraft and ships as well as missile defense systems, according to a study commissioned by the Pentagon.