Chinese President Xi Jinping and American counterpart Barack Obama will talk cyber-security this week in California, but experts say the state's Silicon Valley and its signature high-tech firms should provide the front lines in the increasingly aggressive fight against overseas hackers.
With China seeking to grow its economy and expand its technology base, companies like Facebook, Apple, Google and Twitter are inviting targets. In fact, all have been attacked and all point the finger at China, which has denied any role.
The U.S. government has stepped up efforts to thwart cyber-attacks, but those efforts are mainly focused at protecting its own secrets, especially regarding military operations and technologies.
Paul Rosenzweig, a former Department of Homeland Security official whose Red Branch Consulting provides national security advice, said the responsibility for preventing attacks in the private sector lies with the U.S. innovators who created the technology that's being hacked in the first place.
"To some degree, they were getting a pass," he said. "If a car manufacturer made a car that was routinely able to be stolen, they'd be sued. If software is made with gaps that are a liability, they bear some responsibility, and in recent years there's been a sea change in high tech firms accepting that responsibility."
Big firms like Google employ thousands of security experts who can spot a potential attack on just a few individuals and quickly disseminate protection for everyone using their products. Google routinely detects unsafe websites that spread malicious software or trick people into revealing personal information, posting warnings in front of users and contacting webmasters who may have been hacked.
But Chinese hackers have managed to hit even Google, and in a book released this spring, Google's executive chairman Eric Schmidt said China is the world's "most sophisticated and prolific hacker."
Cybersecurity is high on the agenda for the meeting between Obama and Xi on Friday and Saturday in Southern California's Rancho Mirage. A recent government report found nearly 40 Pentagon weapons programs and almost 30 other defense technologies were compromised by cyber intrusions from China. Earlier this year, cybersecurity firm Mandiant linked a secret Chinese military unit to years of cyber-attacks against U.S. companies.
Mandiant's chief security officer, Richard Bejtlich, said his firm tracks more than 20 potentially threating groups of hackers in China, some with links to the government and military.
China's government denies any involvement, with Defense Ministry spokesman Geng Yansheng telling reporters Sunday that the U.S. claims "underestimate the intelligence of the Chinese people."
Frustration is growing, however, as the attacks continue. Although none have come out publically, analysts say some U.S. companies even are considering cyber-attacks of their own as retaliation, even though it's illegal. Retaliatory hacking was a hot topic at the 2013 RSA Conference on tech security in March, where attorneys and sitting judges even held a mock trial over an imaginary firm that struck back.
Sign up for MIS Asia eNewsletters.