Atlantic Council

From Lolita C. Baldor, AP:  The Obama administration is considering more assertive action against Beijing to combat a persistent cyber-espionage campaign it believes Chinese hackers are waging against U.S. companies and government agencies.

As the New York Times and Wall Street Journal reported Thursday that their computer systems had been infiltrated by China-based hackers, cybersecurity experts said the U.S. government is eyeing more pointed diplomatic and trade measures.

Two former U.S. officials said the administration is preparing a new National Intelligence Estimate that, when complete, is expected to detail the cyberthreat, particularly from China, as a growing economic problem. Neither of the former officials was authorized to discuss the classified report and spoke only on condition of anonymity.

One of the former officials said the NIE, an assessment prepared by the National Intelligence Council, also will cite more directly a role by the Chinese government in such espionage. The former official said the NIE will underscore the administration’s concerns about the threat and will put greater weight on plans for more aggressive action against the Chinese government.

Secretary of State Hillary Rodham Clinton, in an interview with reporters as she wound up her tenure, said the U.S. needs to send a strong message that it will respond to such incidents.

‘‘We have to begin making it clear to the Chinese—they’re not the only people hacking us or attempting to hack us—that the United States is going to have to take action to protect not only our government's, but our private sector, from this kind of illegal intrusions. There’s a lot that we are working on that will be deployed in the event that we don’t get some kind of international effort under way,’’ she said.

‘‘Obviously this can become a very unwelcome and even dangerous tit-for-tat that could be a crescendo of consequences, here at home and around the world, that no one wants to see happen,’’ she said.

Although the administration hasn’t yet decided what steps it may take, actions could include threats to cancel certain visas or put major purchases of Chinese goods through national security reviews. . . .

Internet search leader Google focused attention on the China threat three years ago by alleging that it had traced a series of hacking attacks to that country. The company said the breaches, which became known as ‘‘Operation Aurora,’’ appeared aimed at heisting some of its business secrets, as well as spying on Chinese human rights activists who relied on Google’s Gmail service. As many as 20 other U.S. companies were also said to be targeted. . . .

In a report in November 2011, U.S. intelligence officials for the first time publicly accused China and Russia of systematically stealing American high-tech data for economic gain. And over the past several years, cybersecurity has been one of the key issues raised with allies as part of a broader U.S. effort to strengthen America’s defenses and encourage an international policy on accepted practices in cyberspace.

U.S. cybersecurity worries are not about China alone. Administration officials and cybersecurity experts also routinely point to widespread cyberthreats from Iran and Russia, as well as hacker networks across Eastern Europe and South America. . . .

The White House declined comment on whether it will pursue aggressive action on China.

‘‘The United States has substantial and growing concerns about the threats to U.S. economic and national security posed by cyber intrusions, including the theft of commercial information,’’ said spokesman Caitlin Hayden. ‘‘We have repeatedly raised our concerns with senior Chinese officials, including in the military, and we will continue to do so.’’

Cybersecurity experts have been urging tougher action, suggesting that talking with China has had no effect.

‘‘We need to find new approaches if we want to dissuade this type of activity,’’ said Stewart Baker, former assistant secretary at the Homeland Security Department and now in private law practice with Steptoe and Johnson in Washington. He said the U.S. must do a better job of attributing the cyberattacks to particular groups or nations and ‘‘see if we can sanction the people who are actually benefiting from them.’’

From Ken Dilanian, Los Angeles Times:  The Pentagon requested the estimate more than a year ago, and it sparked a broad review of evidence and analysis from the 17 U.S. intelligence agencies. The document has been submitted to the National Intelligence Council, which coordinates such efforts, but it was unclear whether the council had reached or approved final conclusions. . . .

U.S. intelligence agencies monitor daily digital assaults from hackers based in China who seek to steal intellectual property from American and other Western companies, current and former intelligence officials said. Intelligence analysts disagree over the extent to which the intrusions are organized by Chinese authorities, but the CIA and National Security Agency have traced cyber-attacks and thefts to Chinese military and intelligence agencies.

"We know much more about who is doing this than we did even two years ago," one official involved in the effort said. "We have traced attacks back to a desk in a [People's Liberation Army] office building."   (graphic: National Intelligence Council)