He acknowledged that it might seem odd that a lawmaker charged with overseeing the U.S. intelligence community should lament spying by another government. But he said that China’s espionage targets go beyond the U.S. government and military to include scores of private American companies.
The Chinese government has vociferously denied accusations from security experts and other nations that it has engaged in a cyber-campaign to steal intellectual property.
“Allegations of China conducting cyberspace espionage are unwarranted and irresponsible,” Chinese Embassy spokesman Wang Baodong said in an e-mail. “As a victim of international cyberspace hacking activities, China is firmly against such criminal acts, and it has been working hard together with the international community for a more secure cyberspace. Facts should be respected, and accusations against China should be stopped.”
But security experts have long said that hackers supported by or linked to the Chinese government exploit system flaws to sneak into the networks of major financial, defense and technology companies and research institutions in the United States.
Lawmakers, too, have raised concerns.
Rogers said the United States could use trade or diplomatic avenues in response to Chinese cyber-espionage. He and others have suggested pursuing the issue at the World Trade Organization or in other international forums.
He said that although some companies,most notably Google, have come forward to allege that they suffered attacks originating in China, others have stayed silent for fear of provoking further attacks or jeopardizing access to that nation’s vast market.
“When you talk to these companies behind closed doors . . . they describe attacks that originate in China, and have a level of sophistication and are clearly supported by a level of resources that can only be a nation-state entity,” Rogers said.
Michael Hayden, a former director of the CIA and the National Security Agency, said at Tuesday’s hearing that the scope of China’s efforts to spy on the United States is stunning. “I say that as a professional intelligence officer, I step back in awe at the breadth, depth, sophistication and persistence of the Chinese espionage effort against the United States of America,” he said.
Arthur W. Coviello Jr., executive chairman of RSA, a security company whose proprietary data was stolen this year in a cyber-heist that experts say may have originated in China, said, “There were some elements of an advanced, persistent threat that hadn’t been seen before.” Such language is often used to describe hacker groups linked to the Chinese government.
James A. Lewis, a cyber-expert at the Center for Strategic and International Studies, said the United States should not be afraid to apply pressure. “You could begin to release details of cases where we have strong pointers towards Chinese cyber-espionage. You could expel an attache. You could say you’re reviewing provisions of agreements or treaties. You could impose tighter requirements on Chinese coming to the United States to study,” he said.
But the president of the National Foreign Trade Council, William Reinsch, expressed doubt that, for instance, bringing a case to the World Trade Organization would prompt a change in China’s behavior.
“The only thing they ever respond to is a very clear, detailed explanation of why what you want them to do is in their interest,” said Reinsch, a former Commerce Department undersecretary for export controls. “You can come in and talk about why espionage and cyber-activity isn’t good for them because it makes the world suspicious of them and it brings opprobrium down on their shoulders. But at the end of the day, you’ll have people say, ‘Yeah, but we get all this neat stuff, and it helps us grow.’ ”
Staff writer Jason Ukman contributed to this story.