US Demands China Block Cyberattacks and Agree to Rules

The White House demanded Monday that the Chinese government stop the widespread theft of data from American computer networks and agree to "acceptable norms of behavior in cyberspace."

The demand, made in a speech by President Obama's national security adviser, Tom Donilon, was the first public confrontation with China over cyberespionage and came two days after its foreign minister, Yang Jiechi, rejected a growing body of evidence that his country's military was involved in cyberattacks on American corporations and some government agencies.

(Read More: Americans Willing to Spend More to Thwart Cyber Attacks: Survey)

The White House, Mr. Donilon said, is seeking three things from Beijing: public recognition of the urgency of the problem; a commitment to crack down on hackers in China; and an agreement to take part in a dialogue to establish global standards.

"Increasingly, U.S. businesses are speaking out about their serious concerns about sophisticated, targeted theft of confidential business information and proprietary technologies through cyberintrusions emanating from China on an unprecedented scale," Mr. Donilon said in a wide-ranging address to the Asia Society in New York.

(Read More: The Near Impossible Battle Against Hackers Everywhere)

"The international community," he added, "cannot tolerate such activity from any country."

Until now, the White House has steered clear of mentioning China by name when discussing cybercrime, though Mr. Obama and other officials have raised it privately with Chinese counterparts. In his State of the Union address, he said, "We know foreign countries and companies swipe our corporate secrets."

But as evidence has emerged suggesting the People's Liberation Army is linked to hacking, the China connection has become harder for the administration not to confront head-on. The New York Times three weeks ago published evidence tying one of the most active of the Chinese groups to a neighborhood in Shanghai that is headquarters to a major cyberunit of the People's Liberation Army. That account, based in large part on unclassified work done by Mandiant, a security firm, echoed the findings of intelligence agencies that have been tracking the Chinese attackers.

American officials say raising the issue with the Chinese is a delicate balancing act at a time when the United States is seeking China's cooperation in containing North Korea's nuclear and missile programs, and joining in sanctions on Iran. Yet they have been expressing their concerns about cyberattacks with Chinese officials for years. Starting in 2010, they invited P.L.A. officials to discuss the issue — a process that has only just started — and last November, Mr. Obama broached the subject at a summit meeting with Prime Minister Wen Jiabao, a senior administration official said.

Since then, the official said, there has been a "perfect storm" of media coverage and protests from the corporate world. Still, he said, Mr. Donilon chose not to mention the P.L.A. in his speech because he did not want to engage in finger-pointing.

(Read More: The Next Cyber War Is Already in Progress: Security Expert)

"What we are hoping to do," another senior official said, "is force the Chinese civilian leadership to realize that the P.L.A. is interfering with their foreign policy."

The Chinese have insisted that they are the victims of cyberattacks, not the perpetrators. On Saturday, Mr. Yang issued his own call for "rules and cooperation" on cybersecurity and said reports of Chinese military involvement in cyberattacks were "built on shaky ground."

"Anyone who tries to fabricate or piece together a sensational story to serve a political motive will not be able to blacken the name of others nor whitewash themselves," Mr. Yang told reporters at the National People's Congress, which was preparing to ratify the ascension of Xi Jinping to the Chinese presidency.

Mr. Donilon said the threats to cybersecurity had moved to the forefront of American concerns with China, noting that he was not "talking about ordinary cybercrime or hacking."

That distinction, a senior administration official said, was meant to separate the theft of intellectual property by Chinese state entities from small-scale hacking by individuals, or the use of cyberweapons by a state to protect its national security. But the distinction between cyberattacks aimed at intellectual property theft and those aimed at disabling a military threat is largely made by Western officials devising legal arguments, not one the Chinese have embraced.

Even as he emphasized the need for international rules to guide cyberactivity, Mr. Donilon made no reference to the billions of dollars the American military and intelligence agencies are spending to develop an arsenal of offensive cyberweapons — to be used against military targets, officials insist, not economic ones. The most famous of these operations was the covert cyberattack mounted by the United States and Israel to disable the centrifuges that Iran uses to enrich uranium at its site in Natanz.

(Read More: US Sharing Classified Information With Firms to Prevent Hack Attacks)

Mr. Donilon sketched out a vigorous agenda in Asia, insisting the United States would keep pursuing its "strategic pivot" toward the region, despite cuts in military spending. He announced that the Treasury Department would impose sanctions on a North Korean bank specializing in foreign-exchange transactions — ratcheting up the pressure on the North Korean government on the day that Pyongyang announced it would no longer abide by the 1953 armistice that halted the Korean War.

With fears about North Korea's increased nuclear and missile capabilities causing considerable anxiety in Seoul and Tokyo, Mr. Donilon restated a "declaratory policy" that was first formulated by President George W. Bush after the North's first nuclear test, in 2006. He warned that the United States would reserve the option to retaliate against the North, not just if it used nuclear weapons but if it allowed the "transfer of nuclear weapons or nuclear materials to other states or nonstate entities."

That formulation did not appear to cover, however, the transfer of technology to build nuclear facilities, as North Korea did in Syria. That reactor was destroyed by Israel in 2007.

"It's understandable that the people of South Korea would be concerned about the threat they face from the North," Mr. Donilon said, apparently alluding to talk in the South of building the country's own nuclear arsenal, a move the United States halted decades ago. Mr. Donilon added that the United States had assets in place "to insure that South Korea's defense is provided for."