While U.S. officials are hesitant to publicly blame China for the recent theft of federal employee records, voters are less reluctant.
Forty-nine percent of registered voters say the highest number of cyber attacks against U.S. firms or government agencies come from China, according to a recent Morning Consult poll. Thirteen percent of respondents named North Korea as the biggest perpetrator, followed by a tie between the U.S. and Russia at 8 percent, with Iran coming in last at 2 percent.
Some cybersecurity experts say voters are right to blame China.
China has “been historically the biggest perpetrator for intellectual property purposes,” said Vitor De Souza, vice president of global communications at Mandiant, a division of cybersecurity group FireEye Inc. “They hack Western companies to obtain intellectual property that aligns with their economic goals.”
Fifty-seven percent of Republican voters polled also named China as the main offender, compared with 48 percent of independents and 43 percent of Democrats.
At a House Committee on Oversight and Government Reform hearing on the OPM breach Wednesday, Rep. Gerry Connolly (D-Va.) said the responsibility falls more on China than on OPM Director Katherine Archuleta.
“We are engaged in a low-level but intense new kind of Cold War, a cyber war, with China and Russia,” Connolly said. “It has been just as much a threat to security in this country and we need to guard ourselves in this battle.”
In February, Director of National Intelligence James Clapper said at a Senate Armed Services Committee hearing that Russia, China, North Korea and Iran are some of the greatest threats to U.S. cybersecurity.
“While I can’t go into detail, the Russian cyber threat is more severe than we have previously assessed, and Chinese economic espionage against U.S. companies remains a major threat,” Clapper said.
Mandiant’s De Souza said that in the past year the Chinese have also “aggressively” sought personally identifiable information like the kind exposed during the OPM breach that affected millions of current, former and potential federal employees.
China has denied any involvement in the OPM hack.
De Souza said the U.S. should also be concerned about smaller countries.
“China and Russia are historically the most active ones in breaching the U.S., but we have seen in the past 12 months the uprise from Syria and Iran, and obviously North Korea,” he said. “It shows the asymmetric battle we are dealing with, which is that you don’t necessarily need to be a super power to be able to inflict a lot of damage to organizations in the Western world.”
The poll was conducted June 20 through June 22 among a national sample of 1,306 registered voters. Results from the full survey have a margin of error of plus or minus 3 percentage points.
Amir Nasr contributed to this story.