Cyberthreats: Welcome to the New Cold War

Wednesday, 5 Jun 2013 | 4:39 PM ET
President Barack Obama listens as Chinese President Xi Jinping answers a question following their bilateral meeting at the Annenberg Retreat at Sunnylands in Rancho Mirage, California, on June 7, 2013
Jewel Samad | AFP | Getty Images
President Barack Obama listens as Chinese President Xi Jinping answers a question following their bilateral meeting at the Annenberg Retreat at Sunnylands in Rancho Mirage, California, on June 7, 2013

The U.S. and China have done a lot of finger-pointing lately about cyberattacks, which will no doubt be a major topic when President Barack Obama meets with China President Xi Jinping on Friday.

(Read More: China's Strength Could Become Its Weakness )

Both sides claim the other is at fault, and in a sense they are both right.

(Read More: Businesses Consider Going Offense Against Cyberattackers )

They steal from each other in cyberspace, but China steals the "wrong stuff," said Retired Gen. Michael Hayden, a former director of the Central Intelligence Agency the former head of the National Security Agency.

"I was the director of national security for six years—that stealing your stuff thing, we did a lot of it. Actually, I like to think we are No. 1," he said at the Kaspersky Government Cybersecurity Forum in Washington this week. "But we stole stuff to keep you free and ... safe. We didn't steal stuff to make you rich, which is really the nub of the issue between ourselves and the Chinese."

(Read More: Cyberattacks Mean Big Business for Small Security Firms )

But the U.S. has targeted China in cyberattacks just as grave as the ones the U.S. claims that China has launched, according to insiders in a China Daily report Wednesday. But the Chinese don't blame Washington, because that would be "technically irresponsible" and would not help solve the problem insiders said, the report said.

Averting a Cyber 9/11
Arthur Coviello, executive chairman of RSA Security, warns that cyberespionage is essentially economic warfare.

(Read More: 10 Ways Companies Get Hacked )

While the U.S. cyberattacks are as sophisticated as China's, the U.S. hasn't launched as many and isn't spying to steal commercial data, John Pescatore, the director of emerging security trends at the SANS Institute, said in an interview.

"The U.S. government has tended not to do industrial espionage," he said. "We aren't going after Huawei, and we aren't trying to figure out who is building Chinese jet planes. We don't care—we are already ahead of them in that. But, sure, the U.S. might be doing industrial espionage against China if, say, we had an oil shortage and needed solar energy technology."

The relationship between the countries can be likened to that of the Soviet Union and the U.S. during the Cold War, Pescatore said. China is a growing power that wants access to resources. Both nations have cyberweapons and are worried about "proliferation" and the damage they could do to each other.

"The difference is in the value system," he said. "The Chinese have been launching its weapons, and the U.S. hasn't really stepped up to using the weapons on its side.

"The U.S. does not need to just roll out and attack China, but it needs to prove two things," Pescatore said. "We haven't convinced them that we are capable of defending ourselves, and we haven't convinced them that we are willing to do the attacks that they are doing."

In other words, we need to treat this like any other form of warfare. If the U.S. can prove it's capable of doing those things, he said, the situation will come to the point of mutually assured destruction, which is a lot like playing poker.

"Mutually assured destruction is both sides being convinced the other side has equal cards," Pescatore said. "You don't just say, 'Hey, stop beating me.' That doesn't work in any form of negotiation—forget poker."

By CNBC's Cadie Thompson. Follow her on Twitter @CadieThompson.


Contact Technology


    Get the best of CNBC in your inbox

    › Learn More
  • Matt Hunter is the senior technology editor at CNBC.com.

  • Cadie Thompson is a tech reporter for the Enterprise Team for CNBC.com.

  • Working from Los Angeles, Boorstin is CNBC's media and entertainment reporter and editor of CNBC.com's Media Money section.

  • Jon Fortt is an on-air editor. He covers the companies, start-ups, and trends that are driving innovation in the industry.

  • Lipton is CNBC's technology correspondent, working from CNBC's Silicon Valley bureau.

  • Mark is CNBC's Silicon Valley/San Francisco Bureau Chief covering technology and digital media.