By Mick Krever, CNN
The U.S. believes that cyber warfare could begin to threaten the underpinnings of its relationship with China, New York Times journalist David Sanger told CNN’s Christiane Amanpour on Tuesday.
Sanger and two colleagues reported in the New York Times on Tuesday that a secretive unit of the People’s Liberation Army, the Chinese military, is responsible for most of the many Chinese cyber attacks on U.S. corporations and infrastructure.
“This is, diplomatically, I think one of the most complicated problems out there,” Sanger said. “The fact that your adversary would know that you could get into their systems and turn them on or off at any time – whether it was cell phones or air traffic control or whatever – might well affect your future behavior. So it doesn’t mean that they’re going to do it, or there’s out-and-out war, but it does mean that they have a capability to do this by remote control.” The New York Times reported last month that the newspaper was the victim of Chinese hackers – brought on, they believe, by a report on the finances of Prime Minister Wen Jiabao.
An internet security firm hired by the paper to investigate that attack has released a new report on Chinese hacking, and that report alleges the deep involvement of the Chinese military.
In fact, the security company, Mandiant, says that the attacks originate from a single 12-story building on the outskirts of Shanghai.
“It’s got thousands of people working in it,” Sanger said. His colleague, David Barboza visited the site, but was not allowed inside.
The Chinese government hotly denies all the allegations in the Mandiant report, calling them “baseless,” “irresponsible and unprofessional.”
“If it’s not coming from this building,” Sanger said, “then you’ve got to believe it’s coming from the noodle shops and restaurants that surround this building.”
Chad Sweet, a former CIA and Homeland Security official who now runs his own global security firm, said that the standoff between the U.S. and China envisages a bleak future.
“We’re essentially facing a new Cold War – a cyber Cold War,” he told Amanpour. “The destructive capacity is equal to that of a nuclear warhead… But what makes it more sinister than the nuclear age is that there’s no easily identifiable plume.”
In other words, it is very difficult to attribute a cyber attack to a source or exact retribution.
“The old ‘Mutually Assured Destruction’ doctrine,” he said, “is quite difficult to implement in the modern age.”
Sweet said that he did not believe China would “pull the trigger” unless its “back was up against the wall” – for example if the U.S. threatened China’s claim over Taiwan.
But just as in the Cold War, both sides are quickly building up capacity.
“On this, American hands are not clean,” Sanger said. “That is how the U.S. got into the Iranian nuclear program.”
He is referring to the Stuxnet computer virus that the U.S. launched at Iran’s nuclear centrifuges, a story he broke last year.
Sweet claimed that the Chinese and American attacks are fundamentally different, because China allegedly targets civilian infrastructure, while the U.S. targets military installations.
Because of the nature of these programs, it is impossible to verify the extent or intent of either the U.S. or China’s cyber warfare or capability.
Sanger said that during his reporting on the Stuxnet virus, he learned of a prescient Situation Room meeting early in the Obama administration.
“President Obama said to some of his aides in the Situation Room several years ago,” Sanger recounted, “that he was worried that once the U.S. went down this road, other countries might use it as a pretense to launch their own attacks, presumably not with the discipline and the rules the U.S. has. Well I think that’s probably pretty much exactly what’s happened.”
READ MORE: Have the courage to deal with cyber war