SAN JOSE, Calif. -- Chinese President Xi Jinping and American counterpart Barack Obama will talk cyber-security this week in California, but experts say the state's Silicon Valley and its signature high-tech firms should provide the front lines in the increasingly aggressive fight against overseas hackers.
With China seeking to grow its economy and expand its technology base, companies like Facebook, Apple, Google and Twitter are inviting targets. In fact, all have been attacked and all point the finger at China, which has denied any role.
The U.S. government has stepped up efforts to thwart cyber-attacks, but those efforts are mainly focused at protecting its own secrets, especially regarding military operations and technologies.
Paul Rosenzweig, a former Department of Homeland Security official whose Red Branch Consulting provides national security advice, said the responsibility for preventing attacks in the private sector lies with the U.S. innovators who created the technology that's being hacked in the first place.
"To some degree, they were getting a pass," he said. "If a car manufacturer made a car that was routinely able to be stolen, they'd be sued. If software is made with gaps that are a liability, they bear some responsibility, and in recent years there's been a sea change in high tech firms accepting that responsibility."
Big firms like Google employ thousands of security experts who can spot a potential attack on just a few individuals and quickly disseminate protection for everyone using their products. Google routinely detects unsafe websites that spread malicious software or trick people into revealing personal information, posting warnings in front of users and contacting webmasters who may have been hacked.
But Chinese hackers have managed to hit even Google, and in a book released this spring, Google's executive chairman Eric Schmidt said China is the world's "most sophisticated and prolific hacker."
Cybersecurity is high on the agenda for the meeting between Obama and Xi on Friday and Saturday in Southern California's Rancho Mirage. A recent government report found nearly 40 Pentagon weapons programs and almost 30 other defense technologies were compromised by cyber intrusions from China. Earlier this year, cybersecurity firm Mandiant linked a secret Chinese military unit to years of cyber-attacks against U.S. companies.
Mandiant's chief security officer, Richard Bejtlich, said his firm tracks more than 20 potentially threating groups of hackers in China, some with links to the government and military.
China's government denies any involvement, with Defense Ministry spokesman Geng Yansheng telling reporters Sunday that the U.S. claims "underestimate the intelligence of the Chinese people."
Frustration is growing, however, as the attacks continue. Although none have come out publically, analysts say some U.S. companies even are considering cyber-attacks of their own as retaliation, even though it's illegal. Retaliatory hacking was a hot topic at the 2013 RSA Conference on tech security in March, where attorneys and sitting judges even held a mock trial over an imaginary firm that struck back.
And on May 20, the Commission on the Theft of American Intellectual Property, headed by former U.S. Ambassador to China Jon Huntsman and former U.S. Director of National Intelligence Dennis Blair, recommended that Congress and the Obama administration reconsider the laws banning retaliation.
"If counterattacks against hackers were legal, there are many techniques that companies could employ that would cause severe damage to the capability of those conducting IP theft," they wrote.
Marc Maiffret, chief technology officer at security firm BeyondTrust in San Diego, warns against private firms going on the offensive.
"There are a lot of people lobbying to `hack back' but I think that is a disastrous idea," said Maiffrett, who was a hacker of government sites before discovering the first Microsoft computer worm, "CodeRed."
"Most of corporate America is failing to secure themselves, let alone become competent hackers to hack back against someone like a China."
Tim Junio, who studies cyber-attacks at Stanford University's Center for International Security and Cooperation, doesn't expect much to change because of the Xi-Obama talks.
"China benefits too much by stealing intellectual property from the U.S., so it's really hard to imagine anyone convincing them to slow down," he said.
Indeed, the payoff for successfully stealing critical information can be enormous. For example, if a company spends many millions of dollars developing expensive intellectual property, such as a pharmaceutical firm investing in a new drug, it's very cost-effective for a Chinese firm or government entity to dedicate a small team of hackers to gain access to that company's networks.
A patient approach of sending emails for months, hoping an employee eventually clicks on a link or opens an attachment that they shouldn't, usually works. It's a probabilities game, and the offense has the advantage, especially when targeting a company with thousands of employees. Sooner or later, someone will make a mistake.
Hackers then sell the stolen intellectual property to competing companies, which can try to replicate the product and sell counterfeits at a cut rate. For a developing country like China, this is a great way to stimulate domestic economic growth.
Junio suspects that China's political leaders may not even be aware of the extent of hacking by their own cyber teams, because corrupt government officials may also be using them for personal gain.
James Barnett, former chief of public safety and homeland security for the Federal Communications Commission, said the government's role in fighting Chinese hackers should be to offer high-tech firms tax deductions, credits or liability limits.
"The private sector's role is to continue to innovate, something it can do much better than the government, and something that Silicon Valley does better than just about anywhere in the world," he said.
Follow Martha Mendoza on Twitter at http://twitter.com/mendozamartha
Chief operating officer of Facebook. Contributed <a href="http://influenceexplorer.com/individual/sandberg-sheryl/a0b12120af614e0597eb2cf7efa854b5" target="_hplink">$60,800</a> in 2011-2012 so far. Leans to the left (96 percent to Democrats, 4 percent to Republicans). While there's no record of Facebook chairman Mark Zuckerberg making political donations, his No. 2 was once a Washington heavyweight. During the Clinton administration, Sheryl Sandberg worked as chief of staff to then-Treasury Secretary Larry Summers. She has donated to President Barack Obama and a variety of Democratic lawmakers.
Bill Gates (i.e., Bill & Melinda Gates Foundation)
Founder of Microsoft. Contributed <a href="http://influenceexplorer.com/organization/bill-melinda-gates-foundation/93c152ddd1cc4e03b5b463f5d4a4109e" target="_hplink">$34,375</a> in 2011-2012 so far. Leans to the left (98 percent to Democrats, 2 percent to Republicans). One of the wealthiest people on the planet, Bill Gates takes a key political stand that doesn't reflect his pocketbook interests: He supports <a href="http://thinkprogress.org/economy/2012/01/25/411283/bill-gates-taxes-justice/" target="_hplink">higher taxes on the rich</a>. He also backs <a href="http://www.huffingtonpost.com/2012/07/02/bill-gates-steve-ballmer-microsoft-marriage-washington_n_1644532.html" target="_hplink">marriage equality</a>. His donations are made through the nonprofit Bill & Melinda Gates Foundation, which handles the herculean task of distributing the billionaire's money among worthy causes around the globe.
Executive chairman of Google. Contributed <a href="http://influenceexplorer.com/individual/eric-schmidt/880e3c69437d4a7982781a0b2a188538" target="_hplink">$73,000</a> in 2011-2012 so far. Leans to the left (63 percent to Democrats, 37 percent to Republicans). While the former Google CEO's donations are more evenly distributed between the two parties than those of some other tech titans, Eric Schmidt may be the tech exec who is <a href="http://www.theatlanticwire.com/politics/2011/06/obamas-bromance-googles-eric-schmidt-out-hand/39225/" target="_hplink">coziest with the Obama administration</a>. He served as a campaign adviser during Obama's first presidential run, has been invited to White House galas and was even named to the President's Council of Advisors on Science and Technology. Meanwhile, the Federal Trade Commission was hitting Google <a href="http://www.huffingtonpost.com/2011/03/30/googles-ftc-privacy-settlement-buzz_n_842490.html" target="_hplink">left</a> and <a href="http://www.huffingtonpost.com/2012/07/11/google-ftc-privacy-settlement_n_1663537.html" target="_hplink">right</a> over privacy violations.
Co-founder of PayPal and early Facebook investor. Contributed <a href="http://influenceexplorer.com/individual/thiel-peter/9a14429dd53a4ad0a16736352da5b0a9" target="_hplink">$2,634,700</a> in 2011-2012 so far. Leans to the right (93 percent to Republicans, 7 percent to Democrats). <a href="http://influenceexplorer.com/individual/thiel-peter/9a14429dd53a4ad0a16736352da5b0a9" target="_hplink">According to Influence Explorer</a>, this Silicon Valley venture capitalist is the fourth most generous political donor in the country, giving $2.6 million to campaigns and third parties over the past year and a half. Among his sometimes eccentric libertarian views (he's a champion of having very smart kids not attend college), Peter Thiel supported Texas Rep. Ron Paul's run for president. Thiel has given the vast majority of his donations to super PAC <a href="http://www.youtube.com/user/EndorseLiberty/feed" target="_hplink">Endorse Liberty</a>, which runs TV and online spots backing Paul.
Laurene Powell Jobs
Wife of the late Apple co-founder Steve Jobs. Contributed <a href="http://influenceexplorer.com/individual/jobs-laurene-powell/98d9904735ad4f1d838888a7eb793a2b" target="_hplink">$59,800</a> in 2011-2012 so far. Leans to the left (100 percent to Democrats). <a href="http://influenceexplorer.com/search?query=steve+jobs&from_form=1" target="_hplink">According to Influence Explorer</a>, Steve Jobs didn't contribute to political campaigns, but that shouldn't be surprising: The late Apple CEO <a href="http://dealbook.nytimes.com/2011/08/29/the-mystery-of-steve-jobss-public-giving/" target="_hplink">didn't like donating to <em>anybody</em></a>, politician or not. His wife is more generous. In this electoral cycle, Laurene Powell Jobs has given exclusively to Democrats, including President Obama, Sen. Kirsten Gillibrand of New York and former Rep. Gabrielle Giffords of Arizona. In 2010, Jobs began serving on <a href="http://www.whitehouse.gov/the-press-office/2010/12/14/president-obama-announces-members-white-house-council-community-solution" target="_hplink">Obama's White House Council for Community Solutions</a>.
CEO of eBay. Contributed <a href="http://influenceexplorer.com/individual/jobs-laurene-powell/98d9904735ad4f1d838888a7eb793a2b" target="_hplink">$48,300</a> in 2011-2012 so far. Leans to the left (100 percent to Democrats). Unlike his predecessor at eBay, onetime Republican California gubernatorial candidate Meg Whitman, John Donahoe has donated all blue this election cycle. He gave $5,000 each to President Barack Obama's and New York Sen. Kirsten Gillibrand's reelection campaigns. He <a href="http://www.whitehouse.gov/the-press-office/2010/12/14/president-obama-announces-members-white-house-council-community-solution" target="_hplink">currently serves on the president's White House Council for Community Solutions</a>, like Laurene Jobs. This despite having worked with Mitt Romney at Bain & Company and singing his old colleague's praises. "I think it is outstanding that he has been able to switch to the campaign mode as a politician, because it is certainly not an easy transition coming from the executive role in business," Donahoe <a href="http://dartmouthbusinessjournal.com/2012/03/early-values-shape-ebay-ceo%E2%80%99s-success/" target="_hplink">told the <em>Dartmouth Business Journal</em> in March 2012</a>.
Chairman and CEO of AT&T. Contributed <a href="http://influenceexplorer.com/individual/stephenson-randall/30b4ff047412438faaae88143cb394cc" target="_hplink">$16,332</a> in 2011-2012 so far. Leans to the right (87 percent to Republicans, 13 percent to Democrats). Campaign finance advocates couldn't write a better example of political donations with intent. After AT&T, the largest U.S. mobile carrier, failed to get approval from the Democratic-controlled Federal Communications Commission for a merger with T-Mobile in December, Randall Stephenson up and <a href="http://www.bloomberg.com/news/2012-05-29/at-t-chief-fills-gop-accounts-after-democrats-hit-his.html" target="_hplink">donated the maximum legal amount to the Republican National Committee</a>. Talk about bitter.