James Andrew Lewis of the Centre for Strategic and International Studies reported in the Washington Post in March that more hype than fact has been said about Chinese hackers targeting the U.S.: “It’s good that it is finally getting attention,” he said, “but with that spotlight have come exaggeration and myths.”
Foremost, the term “cyberattack” has primarily been improperly used. “With very few exceptions, China has not used force against the United States in cyberspace.” What they have done is spied, and spying is not a crime under international law. He also outlined how almost every nation has made use of the internet for spying purposes. China may have crossed a line in economic-espionage, however, “stealing secrets from foreign companies to help its own”–efforts which the United States does not engage in.
He also attacked the myth that China’s hackers are unstoppable cyberwarriors, saying that “more than 90 percent of corporate-network penetrations required only the most basic techniques, […] and 85 percent went undetected for months—another sign of lax security.” Where China succeeded, however, is in the theft of military technology that may have “led to rapid improvements in that country’s stealth, submarine-quieting, nuclear weapons, and sensor technologies”. The U.S. may be underestimating the damage done to its lead in military technology, he said.