Former cybersecurity czar: Every major U.S. company has been hacked by China
Richard Clarke says evidence 'pretty strong' that China is stealing commercial secrets
Former White House cybersecurity advisor Richard Clarke has made a career out of issuing security warnings.
His most famous, of course, was his alert to Bush Administration officials in July 2001 -- 10 weeks before 9/11 -- that "something really spectacular is going to happen here, and it's going to happen soon."
Clarke was talking about an attack on U.S. soil by Al-Qaida, the terrorist group he had been warning the new administration about -- to virtually complete indifference -- since that January.
Now Clarke, author of the book Cyber War, is issuing an alert via Smithsonian magazine that the U.S. is defenseless against a cyberattack which could take down major parts of the nation's infrastructure, including civilian, military and commercial networks.
What makes the U.S. especially vulnerable, Clarke says, is that its aggressive "cyberoffense" -- “the U.S. government is involved in espionage against other governments,” he tells Smithsonian -- isn't matched by an effective, or even competent, cyberdefense, making the nation particularly vulnerable to blowback.
Clarke says he's concerned that hackers on the Chinese government payroll are threatening the U.S. economy.
"I’m about to say something that people think is an exaggeration, but I think the evidence is pretty strong. Every major company in the United States has already been penetrated by China,” Clarke says in the Smithsonian interview:
Clarke claims, for instance, that the manufacturer of the F-35, our next-generation fighter bomber, has been penetrated and F-35 details stolen. And don’t get him started on our supply chain of chips, routers and hardware we import from Chinese and other foreign suppliers and what may be implanted in them—“logic bombs,” trapdoors and “Trojan horses,” all ready to be activated on command so we won’t know what hit us. Or what’s already hitting us.
To Clarke this is a more insidious and dangerous attack than some high-profile, real-time assault on commercial and government networks.
"My greatest fear is that, rather than having a cyber-Pearl Harbor event, we will instead have this death of a thousand cuts. Where we lose our competitiveness by having all of our research and development stolen by the Chinese," Clarke tells Smithsonian. "And we never really see the single event that makes us do something about it. That it’s always just below our pain threshold. That company after company in the United States spends millions, hundreds of millions, in some cases billions of dollars on R&D and that information goes free to China....After a while you can’t compete."
It's easy to dismiss this as alarmism, but the man has a track record of being right.