The chairman of the House intelligence committee is demanding that the U.S. and its allies “confront Beijing” over what he calls “a massive and sustained intelligence effort by [its] government to blatantly steal commercial data and intellectual property” over the Internet from U.S. and other firms trying to compete with China.
“Beijing is waging a massive trade war on us all,” Rep. Mike Rogers, Michigan Republican, told a hearing on cyberthreats Tuesday.
In an interview with The Washington Times after the hearing, Mr. Rogers said research-and-development secrets, cutting-edge production technologies, and proprietary financial and other information is being stolen by China’s foreign-intelligence services “at a breathtaking pace.”
“Not just from U.S. companies, but also from our allies,” he said.
“It’s reached a point where [the United States] has to step out front” and provide some leadership to its allies, Mr. Rogers added. “If we all confront it together, I believe we can make a difference.”
He said there is no precedent for such “brazen and wide-scale theft of intellectual property from foreign commercial competitors” by any nation’s intelligence service.
“The technological leadership and national security of the United States is at risk because some of our most innovative ideas and sensitive information are being brazenly stolen,” Mr. Rogers said.
The attacks that have been reported, including those on Internet and email providers such as Google and defense contractors such as Lockheed Martin, are “just the tip of the iceberg,” he said.
“There are more companies that have been hit that won’t talk about it in the press, for fear of provoking further Chinese attacks.”
Mr. Rogers is the latest on a very short list of leaders in the U.S. intelligence and security field to warn about the problem this year, but policymakers lack hard data about the issue.
The Times reported last week that the Pentagon had asked the nation’s intelligence agencies to estimate the cost to the U.S. economy of commercial cyber-espionage, which some analysts put as high as hundreds of billions of dollars a year.
The request for an estimate went to the National Intelligence Council, which produces National Intelligence Estimates, or NIEs, defense officials said.
NIEs represent the combined and distilled wisdom of the entire U.S. intelligence community, as the 16 U.S. spy agencies are known. They are generally produced to inform policymakers about grave threats to national security, such as the Iranian nuclear program.
Mr. Rogers acknowledged that being certain about who is behind a given cyber-intrusion is difficult because hackers can route their attacks through compromised computers anywhere in the world.
But he said, “behind closed doors,” victim companies “describe attacks that originate in China and have a level of sophistication and … a level of resources that can only be a nation-state entity.”
U.S. officials generally refrain in public from pointing fingers or giving names in connection with cyber-intrusions, especially against the private sector, but Mr. Rogers said he “thought it was important to name the offender.”
“This is not something that can be swept under the rug,” he said, noting that U.S. allies such as Germany and Britain have been more forward-leaning on publicly blaming China.
Last month, Army Gen. Keith B. Alexander, head of the National Security Agency and the commander of the U.S. military’s new Cyber Command, told a conference that he supported the administration’s practice of not identifying the author of major cyber-attacks because confronting foreign governments complicates the military’s efforts to track and attribute cyber-activity.
When confronted, “all they do is deny it” and seek to learn what they can from the confrontation about U.S. capabilities, Gen Alexander said.
Mr. Rogers and Rep. C.A. Dutch Ruppersberger, the ranking Democrat on the House Intelligence Committee, agreed that information sharing is key to securing critical U.S. computer networks.
“Without an open exchange of information about cyberthreats, companies are missing an opportunity to use shared experience to learn how to defend themselves more effectively,” Mr. Rogers said.
Added Mr. Ruppersberger, Maryland Democrat: “We must harness [the National Security Agency]’s expertise and share the critical information it collects about potential threats with all of our nation’s networks.”
Mr. Ruppersberger also called for the White House to empower its own cybercoordinator, who needed “operational and budget authority to work across all agencies and have some real clout” and “a direct line to the president.”
“The Air Force protects our skies. The Navy and the Marines protect our seas. The Coast Guard protects our coasts. The cybercoordinator must protect cyberspace,” he said.
Despite the concerns expressed by officials such as Gen. Alexander and Mr. Rogers, some observers remain skeptical about the higher-end estimates of the cost of foreign hacking, saying they are based on a “zero sum” idea of international trade and the global economy that economists long ago abandoned.
Victim companies “will make less money in patent and licensing fees,” said Martin Libicki of the Rand Corp. think tank.
That would be a quantifiable loss, Mr. Libicki said, but it is also relatively small. He suggested it would be “in the hundreds of millions or maybe even a billion or two, that order of magnitude.”
But he argued the much higher estimates some analyses produced were predicated on less-direct — and less-quantifiable — losses.
“If someone steals [General Motors’] designs for a car, how much does that cost G.M. and the U.S. economy?” Mr. Libicki said. “Will that necessarily have a bad effect on the U.S. economy?”