The US is under sustained attack from a vast cyber-espionage campaign that, though broadly invisible to the public, has the potential to significantly threaten the economic performance of the country as a whole, according to a new report. China is the most active of the hacking culprits, sources tell the Washington Post having had privileged access to the new National Intelligence Estimate, but are not alone in targeting fields as broad as energy, finance, and technology in the hunt for a commercial edge. As well as technological methods of defense, the US is also apparently considering more unusual strategies to battle the growing number of state-led attacks.
Cyber-espionage has grown in prevalence and attention over the past few years, and according to one Obama administration official – speaking on the understanding of anonymity – “it’s known to be a national issue at this point.” China is widely believed to lead the field, but Russia, Israel, and France are all believed to have been called out by the new report as having “engaged in hacking for economic intelligence.”
China officially denies any government involvement or official economic strategy that includes hacking US companies, but the report is in accordance with other recent claims that Chinese employees are persuaded or coerced to steal content from their US employers or partners.
The NIE holds off from making specific claims about the exact potential for financial impact on the US economy, though there is no shortage of analyst commentary speculating on anything up to $100bn in annual losses.
Though the National Intelligence Estimate’s findings and recommendations are undoubtedly of great interest to US businesses, a public release of the report is not on the cards. A spokesperson for the department responsible for its authorship has said that there will be no unclassified summary, excerpt, or other disclosure, and that “as a matter of policy” it will not be publicly detailed.
However, the US government is expected to release a separate report on trade-secrets protection, which will detail ways in which US companies can work with legislators and lawmakers to ensure their valuable intellectual property is defended. A parallel executive order demanding voluntary standards for particularly high-profile organizations in the private sector is also tipped for release, potentially as early as this week.
Back in January, meanwhile, the US Cyber Command division – the taskforce that challenges cyber-espionage among other threats – gained new teeth for its online war. Three new teams, handling Pentagon infrastructure, US-wide infrastructure, and proactive cyber-attack, have been formulated, to challenge the growing number of hacking attempts.