Since the hacking of the New York Times, the Wall Street Journal, The Washington Post, etc., and the Mandiant revelations about China’s PLA Unit 61398, the media and Internet have offered an explosion of talk about now as a “tipping point” in cybersecurity. We’re, in fact, long past the “tipping point”: what Mandiant had to say about Chinese hacking was actually old news to those who follow cyber news.
As has been the case in the past, there seem to be three camps on the issue of cybersecurity: the “the-sky-is-falling” or “cyber-Pearl-Harbor” camp, the “overblown-threat” camp, and the camp worried about the cyberdefense threat to privacy rights. We shouldn’t forget the advocacy of international “rules of the game” for cyberspace, which was recently argued by Zbigniew Brzezinski in the Financial Times. None of these offers much new. And Obama’s cybersecurity executive order on February 12 has elicited few comments beyond “not enough, too preliminary” and “a worrisome expansion of government right-to-prying-on-citizens.”
A week later, supposedly demonstrating the Administration’s determination to increase cybersecurity, the Trade Secret Protection Strategy was introduced by Attorney General Eric Holder in a White House press conference. “Trade secret theft can require companies to lay off employees, to close factories, to lose sales and profits … or even to go out of business,” he said.
Under Secretary of State for Economic Growth, Energy, and the Environment, Robert Hormats, who attended the meeting, offered a clarification of the new strategy that undoubtedly struck real fear in the hearts of the Chinese, Iranian and other hackers. The new strategy will give “clear” diplomatic signals that “preventing the theft of secrets is the priority” of the United States.
The administration’s soft-approach plan of giving “clear” diplomatic signals takes time and is subject to different interpretations. We weren’t told of any action that will be taken if the signals have not been as clear as the administration hopes. Signaling displeasure about cyber theft without adding the option of actions to stop the stealing is worthless.
In addition, the widespread tendency is to focus on the technical aspects of cyber security, with little or no attention paid to the people who use the technology to commit the intrusion or the theft. When the subject comes up, it can be truly stupefying: on March 3, the New York Times decried U.S. intelligence agencies wondering: “Why had the Chinese done it?” Who cares? They’ve done it, and will do it again unless stopped.
The theft of our intellectual property and scientific innovations has already cost billions of dollars and severely damaged our economy. It’ll take time, finances, and lots of effort to gain back the market, that is, if we can stop the hemorrhaging. However, a new study by the civilian Defense Science Board, which was released yesterday, indicates that our national security is under severe threat, and openly criticizes the Defense Department for not being “prepared to defend against this threat.”
The report warned that “The cyberattacks could be combined with conventional attacks at sea and in space…. Attackers could crash servers, corrupt data, tamper with the supply chain and insert malicious software into critical systems.” Hacking into the systems, attackers could order U.S. guns, missiles and bombs not to fire, or “direct them against our own troops.” Moreover, even our nuclear weapons are vulnerable to cyber sabotage and attack.” If that happens, “military commanders ‘may rapidly lose trust’ in their ability to command.”
Since it is not possible to protect all military units and installations from cyberattacks, the report “recommends isolating critical systems and weapons, and equipping small numbers with advanced defensive measures to ensure they survive an attack.”
While the administration has great expectations that more “pointed diplomatic and trade measures,” such as threats to cancel certain visas, or put major purchases of Chinese goods through national security reviews, would scare the Chinese, it is essential to adopt Gen. Michael Hayden’s policy that “the best defense is offense.”
Strong and sharp teeth are necessary to deter effectively. Instead of holding many public debates and searching for the appropriate diplomatic jargon to signal serious threat, it’s time to do something without too much ado.
For example, hackers into our systems should have their computers hacked instantaneously. Their content should be “vacuumed,” preferably including their backups, too, and, if possible, they should be physically destroyed. If this is done regularly, systematically and secretly, the message “don’t mess with me” will be clearer than any diplomatic signal the White House has in mind. This way there is a chance to retrieve information that was hacked.
Replacing an army of hackers with appropriate computers takes time even in China. In the meantime, we could strengthen our defensive and offensive capabilities.
Projecting our renewed strength could then bolster our defense. But to get there, we must now mount the best offense we can muster.