In response to a flurry of news and commentary reports on Chinese hacking, James Joyner posts:
This seems to go beyond normal, low-level “competition below armed conflict,” in the current Defense Department vernacular, into something more like preparation of the battlespace. Cyber operations are inherently murky compared to traditional “kinetic” operations, making drawing lines difficult. But we seem to be at a point where China is more than a “strategic competitor” but rather an adversary. Which would seem to portend a considerably different economic relationship.
Here’s my question: is it the activity that is “beyond normal” or is it the reporting on the activity? There has been an enormous amount of Chinese state-sponsored hacking activity being carried out over the last several decades. Is what’s going on now different in kind from what’s gone on in the past?
On the one hand I think it’s good that people are finally noticing just how much Chinese cyberespionage is going on. It constitutes a ridiculously large amount of total Internet traffic. At one point I made a regular practice of blocking Chinese IP addresses. I was shocked at just how much of my total traffic consisted of what were mostly probing attacks originating in China. I once saw a log in which you could see the attacker going systematically through a list of known vulnerabilities.
On the other hand I find the prospect of raising the temperature when nothing has actually changed troubling.