Feds target China's hackers in new spending bill
WASHINGTON — The United States has taken its first real swipe at China amid accusations that the Beijing government is behind a widespread and systemic hacking campaign targeting American businesses.
Buried in a spending bill signed by President Obama on Tuesday is a provision that effectively bars much of the federal government from buying information technology made by companies linked to the Chinese government.
It's unclear what impact the legislation will have, or whether it will turn out to be a symbolic gesture. The provision affects certain non-Defense government agency budgets only between now and Sept. 30, when the fiscal year ends. It allows for exceptions if an agency head determines that buying the technology is “in the national interest of the United States.”
Still, the rule could upset allies whose businesses rely on Chinese manufacturers for parts and pave the way for broader, more permanent changes in how the federal government buys technology.
“This is a change of direction,” said Stewart Baker, a former senior official at the Homeland Security Department now with the legal firm of Steptoe and Johnson in Washington. “My guess is we're going to keep going in this direction for a while.”
Rep. Dutch Ruppersberger of Maryland, the top Democrat on the House Intelligence Committee, said he supports the restriction and does not think it would be too cumbersome for federal agencies. The Defense and Energy departments are mindful of how its networks are built.
“Anything we can do to call awareness to the fact that we're continuing to be cyberattacked, we're continuing to lose jobs, and that billions of dollars in American money is being stolen,” Ruppersberger said on Wednesday.
In March, the U.S. computer security firm Mandiant released details on what it said was an aggressive hacking campaign on American businesses by a Chinese military unit. Since then, Treasury Secretary Jacob Lew has used high-level meetings with Beijing officials to press the matter. Beijing has denied the allegations.
Congressional leaders have promised to push comprehensive legislation that would make it easier for industry to share threat data with the government. But those efforts have been bogged down amid concerns that too much of U.S. citizens' private information could end up in the hands of the federal government.
As Congress and privacy advocates debate a way ahead, lawmakers tucked “Section 516” into the latest budget resolution, which enables the government to pay for day-to day operations for the rest of the fiscal year. The provision specifically prohibits the Commerce and Justice departments, NASA and the National Science Foundation from buying an information technology system that is “produced, manufactured or assembled” by any entity that is “owned, operated or subsidized” by the People's Republic of China.
The agencies can acquire the technology only if, in consulting with the FBI, they determine that there is no risk of “cyberespionage or sabotage associated with the acquisition of the system,” according to the legislation.
The move might sound like a no-brainer. If industry and intelligence officials are right, and China is stealing America's corporate secrets at a breathtaking pace, why reward Beijing with lucrative U.S. contracts? Furthermore, why install technical equipment that could potentially give China a secret back door into federal systems?
Last fall, Ruppersberger and House Intelligence Committee Chairman Mike Rogers, R-Mich., released a report urging companies and government agencies to drop any business with Chinese telecommunications companies Huawei Technologies Ltd. and ZTE Corp. because of the security risks they pose.
“Any bug, beacon or back door put into our critical systems could allow for a catastrophic and devastating domino effect of failures throughout our networks,” Rogers said in a statement accompanying the report.
But a blanket prohibition on technology linked to the Chinese government may be easier said than done.
Information systems are often a complicated assembly of parts manufactured by different companies around the globe. And investigating where each part came from, and if that part is made by a company that could have ties to the Chinese government could be difficult.
Depending on how the Obama administration interprets the law, Baker said, it could cause problems for the United States with the World Trade Organization, whose members include allies such as Germany and Britain that might rely on Chinese technology to build computers or handsets.
In the end, Baker said, it could make the government safer and wiser.
“We do have to worry about buying equipment from companies that may not have our best interests at heart,” he said.
Show commenting policy
TribLive commenting policy
You are solely responsible for your comments and by using TribLive.com you agree to our Terms of Service.
We moderate comments. Our goal is to provide substantive commentary for a general readership. By screening submissions, we provide a space where readers can share intelligent and informed commentary that enhances the quality of our news and information.
While most comments will be posted if they are on-topic and not abusive, moderating decisions are subjective. We will make them as carefully and consistently as we can. Because of the volume of reader comments, we cannot review individual moderation decisions with readers.
We value thoughtful comments representing a range of views that make their point quickly and politely. We make an effort to protect discussions from repeated comments either by the same reader or different readers.
We follow the same standards for taste as the daily newspaper. A few things we won't tolerate: personal attacks, obscenity, vulgarity, profanity (including expletives and letters followed by dashes), commercial promotion, impersonations, incoherence, proselytizing and SHOUTING. Don't include URLs to Web sites.
We do not edit comments. They are either approved or deleted. We reserve the right to edit a comment that is quoted or excerpted in an article. In this case, we may fix spelling and punctuation.
We welcome strong opinions and criticism of our work, but we don't want comments to become bogged down with discussions of our policies and we will moderate accordingly.
We appreciate it when readers and people quoted in articles or blog posts point out errors of fact or emphasis and will investigate all assertions. But these suggestions should be sent via e-mail. To avoid distracting other readers, we won't publish comments that suggest a correction. Instead, corrections will be made in a blog post or in an article.
- National Weather Service to evaluate work after missed call on storm
- Medicare payments to tie doctor, hospital payments to quality rather than volume of care
- Blizzard howls its way into Boston but largely spares NYC
- Pittsburgh travelers feel effects of Northeast blizzard
- Ex-CIA officer convicted of leaking info about covert Iran mission
- 3 Russians charged with spying spoke in code, passed concealed message, sought recruits, federal prosecutor alleges
- Northeast waits for foot (or 2) of snow to drop
- Ramping up e-cigarette voltage may be more hazardous to health
- VA plans major structure changes; Pittsburgh’s fate as regional HQ remains unclear
- American drone hit kills al-Qaida terror suspects in Yemen
- National debt due to sharply escalate