Return to Transcripts main page


Examining Charges of Computer Hacking Against Chinese Government Entities; A Look at Cyber Protesting in Saudi Arabia

Aired February 19, 2013 - 15:00:00   ET


CHRISTIANE AMANPOUR, CNN HOST: Good evening, everyone, and welcome to the program. I'm Christiane Amanpour.

So has computer warfare finally become a reality between the world's two most powerful nations? Chinese hackers have long been accused of targeting American companies.

But tonight, China is lashing out against reports that those hackers may be working for the Chinese military, the China's People's Liberation Army. And they may have key American infrastructure in their crosshairs, things like the power grid and oil pipelines and air traffic control.

Military involvement would bring the cyber threat to a whole new level and it's something U.S. Defense Secretary Leon Panetta warned about late last year.


LEON PANETTA, SECRETARY OF DEFENSE: The collective result of these kinds of attacks could be a cyber Pearl Harbor, an attack that would cause physical destruction and the loss of life, an attack that would paralyze and shock the nation and create a new, profound sense of vulnerability.


AMANPOUR: In other words, war. It's long been suspected that the United States has itself launched cyber-attacks, in particular, on Iran's nuclear program. But in a major report, "The New York Times" now links China's People's Liberation Army to dozens of cyber-attacks against the United States.

The report traced the hackers to the doorstep of this building, a 12-story office tower in Shanghai that's the headquarters of military unit 61398. It's a name worthy of a spy novel and it's suspected of being ground zero for a growing army of Chinese cyber-warriors. The Chinese government hotly denies this report, tossing the ball right back into America's court.

"Making baseless accusations based on premature analysis is irresponsible and unprofessional," says China's Ministry of Foreign Affairs.

"Fourteen million Chinese computers were attacked by 73,000 IP addresses from abroad. Most of these cyber-attacks come from the United States."

Now be that as it may, according to "The Wall Street Journal", China launches more cyber-attacks than any other nation -- just behind them, the United States and Russia.

Let's turn to David Sanger. He's the author of "The New York Times" report, and he joined me earlier from Harvard University.


AMANPOUR: David Sanger, welcome to the program.

DAVID SANGER, "THE NEW YORK TIMES": Good to be back with you, Christiane.

AMANPOUR: And an amazing story you've got on the front page of "The New York Times". I mean, in a nutshell, all of these suspicions that we've had about cyber-attacks and cyber-warfare, you know, stealing trade secrets and all the rest of it, now you're saying that a new group has traced it back, what, conclusively to the Chinese army?

SANGER: I would say that they have made a very strong circumstantial case that it is coming from a PLA unit called 61398 that's located in a 12-story building in Shanghai; my colleague, David Barboza, was -- wrote the story with me, along with Nicole Perlroth.

He went out to the building last week. It dominates a sort of rundown neighborhood in Shanghai; it's got thousands of people working in it.

The group that did the trace back of the attacks done by a group called Comment Crew, which is probably one of the largest of the Chinese hacking groups, they were able to take most of the digital forensics right back to the gates of this building. They couldn't take it inside for all kinds of reasons we described in the story.

But if it's not coming from this building, then you've got to believe it's coming from the noodle shops and restaurants that surround this building.

AMANPOUR: So, David, you know, you got Comment Crew; it's otherwise known as the Shanghai Group. You've just made -- said the name of the unit, 61398, or whatever it is. It sounds like a very intense spy novel.

What exactly are they doing? What is the purpose, if it's true that it's the PLA, doing?

SANGER: Well, there are two elements of this. There's espionage, which is most of what the world has seen Chinese hacking groups do. And then there's infrastructure attacks to take over infrastructure.

Deal with the first. Many American corporations have seen their intellectual property stolen. That's pretty classic industrial espionage. But if it's being done with state sponsorship, then the question is, is China turning its covert and its military forces over to help state-run industries or even, perhaps, non-state-run Chinese industries?

The more worrisome kind of attacks are the infrastructure attacks; that's when you go in to learn the code work or the software to take over an oil pipeline or an electric plant or something like that. And on this, remember, Christiane, American hands are not clean. That is how the U.S. got into the Iranian nuclear program.

AMANPOUR: Let me -- let me talk to you about that in a second.

But this is an incredibly serious allegation and prospective future. If, as the president said in his State of the Union address, that we now know our enemies are also seeking the ability to sabotage our power grid, our financial institutions, our air traffic control systems, again, what is the aim? You say, to own; the president says, to sabotage.

I mean, is this a total declaration of war?

SANGER: I don't think so, but I do think that. In the modern world where cyber-weapons are the newest form of weaponry, the fact that your adversary would know that you could get into their systems and turn them on and off at any time, whether it was cell phones or air traffic control or whatever, might well affect your future behavior.

So it doesn't mean that they're going to do it or there's out-and- out war. But it does mean that they have a capability to do this by remote control.

AMANPOUR: You just mentioned Stuxnet and the big story, of course, which you broke, and you've written a lot about it, is the cyber-warfare against the Iranian nuclear facilities.

The U.S. is doing this kind of stuff as well. So what kind of a relationship does the U.S. have with China when it comes to cyber- warfare?

SANGER: You may recall that, when I reported on Stuxnet and Olympic Games, which was the code word for the U.S. program, that President Obama said to some of his aides in the Situation Room several years ago that he was worried that once the U.S. went down this road, other countries might use it as a pretense to launch their own attacks, presumably not within the -- with the discipline and the rules the U.S. has.

Well, I think that's probably pretty much exactly what's happened. Since Stuxnet got out, not because of any revelation of mine, but a operator error that resulted in the program getting free around the Web, the Iranians have started their own cyber-corps. And they're believed to have been responsible for the destruction of about 30,000 computers at Saudi Aramco last summer. (Inaudible) --


AMANPOUR: That's the big Saudi Arabian oil company?

SANGER: That's right. It's the largest of the Saudi Arabian oil companies and they didn't actually get into the pipelines or refineries, but they did get into the computer systems and did considerable damage. That is an indication of where all of this may well be going.

AMANPOUR: So, David, now the U.S. has to figure out how to counter all of this, and we read in your article and elsewhere that they're trying to formulate responses, both offensive and defensive, as you say, both in cyberspace, but also diplomatically.

Apparently, they're going to say something to the Chinese, that they're not going to specifically mention this group and the PLA, because that might have broader implications for the general relationship.

How much of a conundrum is the U.S. in in just trying to confront this?

SANGER: This is diplomatically, I think, one of the most complicated problems out there, and I think you got a sense of that from the State of the Union address, which you quoted, because the president spent, what, two or three paragraphs on cyber.

And I think, Christiane, it struck me -- probably struck you as well -- he spent about a sentence each on the Iranian nuclear crisis, on Syria and on nuclear proliferation. So it tells you where his head is.

And it's been made pretty clear to me that the U.S. plans to go to the Chinese leadership and say, look, this used to be a sideshow. This used to be an annoyance. Now it's at such a level that it is beginning to threaten the underpinnings of the U.S.-Chinese relationship.

AMANPOUR: David Sanger, thank you very much indeed for joining me.

So what does the United States do about this? I want to now turn to former CIA official and chief of staff to the Department of Homeland Security, Chad Sweet. He is CEO and cofounder now of the Chertoff Group, a global security firm.

Mr. Sweet, welcome to the program.

CHAD SWEET, FORMER CIA OFFICIAL: Thank you for having me.

AMANPOUR: Let me ask you, then, you just heard David Sanger. What is being said in the corridors of national security in the United States today after this report?

SWEET: Well, I think you put your finger on it earlier. The key issue is the issue of a lack of a doctrine of attribution and retribution. And by that, I mean, if you look at what's going on, we're essentially facing a new Cold War, a cyber Cold War.

And in this war, it's a high-stakes game; whereas David said the United States is essentially being relieved of billions of dollars of intellectual property and also threatening our critical infrastructure.

And so make no mistake about it, in the corridors of power here in Washington, the question is, how do we move forward in a lack of leadership in the Congress on being able to set forth a doctrine of attribution and retribution?

AMANPOUR: So how does one? I guess my question is -- you mentioned the Cold War -- you know, nuclear Armageddon, but of course, no nuclear missiles were fired. Here, you've got cyber destruction possible. What is the destructive level and capacity of this cyber Cold War?

SWEET: The destructive capacity, Christiane, is equivalent to that of a nuclear warhead. If you think about it, the ability, in this case, to essentially extract a devastating attack on critical infrastructure, which could result in the loss of thousands of lives, is possible.

But what makes it more sinister than the nuclear age is that there's no easily identifiable plume -- if you launched an ICBM from Moscow, our NORAD NORTHCOM sensors could detect it within seconds. And we could triangulate exactly the location of the launch. Therefore, a doctrine of attribution and retribution was possible.

And this new paradigm, it is extremely difficult to actually get attribution and it is even more difficult to identify how you will actually extract retribution. So the old mutually assured destruction doctrine, which you will recall, is quite difficult to implement in the modern age.

AMANPOUR: It is. And the imagery you've just posited is very dramatic. I mean, to equate it to a nuclear attack is dramatic. And I want to know, then, how? You're former CIA; you've been, you know, studying precisely responses to this kind of thing. How does the United States respond? And what leg does the United States have to stand on, if it's engaged in the same kind of operation?

SWEET: Well, first on the second part, the United States is not engaged in the kind of broad-based espionage that China is in this sense. And, again, I'm not speaking now officially in a capacity for the United States government.

But if you look at the breadth, the scale and the -- and the duration of these attacks, they're targeted towards critical infrastructure.

Again, the targeted effort, which I can either confirm or deny that the United States did against Iran, if it did do so, was targeted exactly for that purpose, which is to take out the centrifuges that were developing enriched uranium for a nuclear program, not for disabling critical infrastructure that thousands of civilian lives depend on. And so that's a very clear distinction.

The second point, though, to your broader question of how do we -- how do we actually put forward a doctrine in this environment, the key thing to note is that the private sector controls 85 percent of this critical infrastructure.

So it's not the government, really; it's at the end of the day, the private sector needs to be able to attack this problem. And the best way to attack a network that's attacking you is to have a network.

And so right now, there's been an executive order issued by this administration, that Congress has not done anything to move forward on cyber-legislation.

What the private sector needs now is for the government to set the ground rules to enable it to fight a network with a network and then get out of the way, let the private sector be able to address this threat in the best tools they have available to them.

AMANPOUR: It's very hard to imagine China wanting to declare and wage war on the United States. What is their goal, if this is, in fact, true? What is the military's goal if it's, in fact, connected to all this?

SWEET: Well, I think it's a good question. I mean, I think if you look at the question of mutually assured destruction in our combined interest, China would not dare pull the trigger on this type of offensive action unless its back was up against the wall.

And so this type of attack is something that would be a last resort, that could be envisioned, though, unfortunately, if we had a scenario where, for example, in the Straits of Taiwan, where the Chinese still view that territory as theirs, if a U.S. aircraft carrier was engaged in an exercise there and ultimately there was a direct confrontation with the Chinese mainland, there could be retribution extracted in a way that would be very difficult for us to attribute to China.

So those are the kinds of scenarios where you could see an actual motivation to inflict pain on us, to demonstrate their capability without being able to -- for us to be easily able to attribute it back to them, and then extract retribution in a similar fashion.

AMANPOUR: And finally, very quickly, there are some security experts who believe that your own company, the Chertoff Group, was a target of Chinese hackers. Is that -- can you confirm that?

SWEET: I can confirm that and I will confirm it openly because I think it's an important reminder that all of us in this modern age are targets. Now fortunately in the case of our network, we detected it and disrupted it.

And, in fact, the company that did the report that has been spurring all this discussion, we collaborated with to verify that none of our information or our clients' information was exfiltrated.

But the -- it is a very important reminder that we -- if the Chertoff Group have to practice what we preach and all of us together, both private sector and government, have a shared responsibility to strengthen our networks and to teach cyber-security as a core foundation of all of our business operations and government functions in the modern age.

AMANPOUR: Chad Sweet, thank you so much indeed for joining me.

SWEET: Thank you.

AMANPOUR: And indeed, it must be said also that "The New York Times" and other news organizations, including CNN, are believed to have been victims of Chinese hacking. And, of course, we repeatedly tried to get response from any member of the Chinese authorities. And we've had no luck.

When we come back, from cyber-war to cyber-protests in the unlikeliest of places, after a break.




AMANPOUR: Welcome back to the program. The Arab Spring has largely passed Saudi Arabia by. In fact, protests are banned in the kingdom, at least in the streets.

But in the cyber world, protests are growing. And it's all happening on Twitter.

Saudis have flocked to the site in their millions. One recent study found that Riyadh, the Saudi Arabian capital, is one of the world's most active Twitter cities. And what's more, even though many protesters on these sites have been targeted, the Saudi government mostly allows it as a way to let their citizens vent their frustration.

My next guest, Mohammed al-Qahtani, is one of Saudi Arabia's most prominent activists. He's worked tirelessly to expose human rights abuses in his country. For this, he says, he expects to be thrown behind bars any day now.

Again, we've repeatedly requested the Saudi government representative to appear. And we'll continue to do so. So far, we've had no luck.

But I did talk to al-Qahtani earlier today on Skype. He joined me from Riyadh.


AMANPOUR: Mohammed al-Qahtani, thank you so much for joining me.


AMANPOUR: Mohammed, I want to read something that is pretty out there for a Saudi in today's regime there.

You have tweeted not so long ago, "We are prepared to pay the price, whatever it may be, for our people to obtain their rights, and Lord we are not afraid of the Saudi regime's prisons or its political executions."

How brave are you being just by being a Twittersphere human rights activist?

AL-QAHTANI: I feel very powerful with my colleagues. So I'm not alone. And that's a trick in this day and age. What would an organization call the Saudi civil and political rights association that we had established more than three years ago?

And once we started, we took it upon ourselves that we could lose our freedom; we could end up in prison and we could lose our jobs. And we could be banned from outside travel.

Most of these things are happening to us now.

AMANPOUR: Mohammed, for your activism, you have faced trial and you've got nine or 10 charges against you, including breaking allegiance to the Saudi king; including describing Saudi Arabia as a police state and those kinds of things.

What do you think your fate will be? Will you be convicted?

AL-QAHTANI: Oh, most definitely. This is a politically motivated trial. And given the fact that Saudi judiciary is not independent and could be influenced by the government, most definitely will be convicted and we'll end up in prison.

But the question is: for how long?

AMANPOUR: So that is the question, for how long and what is the aim?

And I guess we're absolutely fascinated to see, you know, so many millions of Saudis on Twitter. It's almost like a cyber-protest site, where there are no protests in the street.

How much has Twitter opened discussion in the kingdom?

AL-QAHTANI: Well, fantastic. We are having our revolution on Twitter, to be honest with you. We are able to disseminate our own information, team up with other activists, mobilize people to act. All these kind of things (inaudible) we are doing with Twitter.

And to be honest with you, the regime is really antagonized about Twitter.

So far, we have been interrogated for a whole year. And guess what? In each and every session we were interrogated, they were asking about my tweets.

Of course, I refused to answer to protect my freedom of expression.

AMANPOUR: We have pictures from a few days ago in Saudi Arabia, where women, mothers, wives were protesting against the continued imprisonment of their family members, people who have been taken in on various charges.

What do you think this is going to turn into because, as we know in Saudi Arabia, things do happen very, very, very, very slowly. What is the best that you can hope for?

AL-QAHTANI: The base of events is really picking up. We are no longer silent people. We are not passive anymore. The regime is trying to portray us as passive people who live in dark ages, which is not true.

Things is improving. People are now more politically aware. Now what the government have done, they ask the senior clerics to issue a fatwa, an edict that public demonstration is prohibited.

But people will not listen to that edict, because they are at the end of their rope. Things will be picking up in the future where public protests will happen. If the regime continues to be oblivious to the demand of the people, then it will happen. It's imminent. What happened in Tunisia and Libya and in Egypt could happen in Saudi Arabia.


AMANPOUR: Well, Mohammed, you say that -- you say that, Mohammed, and yet, yes, there have been sporadic outbursts of protests, mostly in Shiite areas, actually. But the government has also been really throwing money at a lot of this, and trying to tamp down or dampen people's dissatisfaction.

Is that working?

AL-QAHTANI: It's not working at all. This is a short-term solution for a long-term problem. And it will never work. The only solution I see, if the government could make serious concession to the people, move toward more democracy, and they are not doing that.

We are afraid that the country -- the regime could collapse or the country could disintegrate into chaos.

AMANPOUR: Describe for me some of the criticisms or challenges or just conversations that go on on Twitter. I mean, for instance, you sent one out several months ago about police investigators; you said they -- you've discovered they lack ability; they're unprofessional and arrogant.

Their priority is not searching for the truth, but fabricating charges. What are -- what are the main subjects of discussion on Twitter?

AL-QAHTANI: Human rights abuses is the most important pressing issue.

Another issue is corruption. Corruption also is one of the issues that people use when they criticize.

AMANPOUR: What do you think will happen to you after this interview?

AL-QAHTANI: Well, worse come to worst, I'm already awaiting my verdict. So I could end up in prison any time. So we are speaking out; we are brought our Monday night discussion group on YouTube where we are exactly saying the same thing, so basically across the fear barrier, if you will.

And we're trying to educate the public that the only way to go is to engage in peaceful struggle against the ruthless regime. I mean, that's the way to go.

AMANPOUR: Mohammed al-Qahtani, thank you very much for joining me.

AL-QAHTANI: It's my pleasure.


AMANPOUR: And when we come back, we'll take a close look at another form of protest.

No, that is not a snapshot of the Great Wall. If you look closely, you'll see it's a Chinese artist who makes his point and his own indelible mark by disappearing. We'll be right back.




AMANPOUR: And finally tonight, cyber-warfare, cyber-protests, it's a brave new cyber-world out there, and sometimes the human factor can get lost.

But one Chinese performance artist has found a way to stand out from the crowd by becoming invisible. If you look closely, you'll see him standing there in the forest. Liu Bolin is seen here, painting himself to blend into a rack of magazines.

But it's more than just a stunt. Amid the glamorous covers and gossipy pages, there is a human being.

Whether it's turning himself into a picture postcard from the Grand Canal in Venice, or blending into the staircase at the Grand Palais in Paris, or even becoming one with Wall Street's iconic Charging Bull, Liu Bolin makes us take a second look at our fast-changing world and our place in it. Can you see him?

That's it for tonight's program. Thanks for watching and goodbye from New York.