When tens of millions of Americans had their information stolen from the Office of Personnel Management’s database last month, China was widely suspected to be responsible for the cyberattack. This has become an all too common occurrence in recent years, with American corporations in particular finding themselves having to worry about Chinese cyberattacks. The United States government seems to have had enough of this, however, as the New York Times is reporting that President Obama has decided to begin retaliating against Chinese cyberattacks.
The Obama administration has determined that it must retaliate against China for the theft of the personal information of more than 20 million Americans from the databases of the Office of Personnel Management, but it is still struggling to decide what it can do without prompting an escalating cyberconflict. The decision came after the administration concluded that the hacking attack was so vast in scope and ambition that the usual practices for dealing with traditional espionage cases did not apply. But in a series of classified meetings, officials have struggled to choose among options that range from largely symbolic responses — for example, diplomatic protests or the ouster of known Chinese agents in the United States — to more significant actions that some officials fear could lead to an escalation of the hacking conflict between the two countries. That does not mean a response will happen anytime soon — or be obvious when it does. The White House could determine that the downsides of any meaningful, yet proportionate, retaliation outweigh the benefits, or will lead to retaliation on American firms or individuals doing work in China. President Obama, clearly seeking leverage, has asked his staff to come up with a more creative set of responses.