CHINA! and RUSSIA! and [an unnamed ally that is likely Israel] Are Stealing Our Stuff!
Last week, ODNI released a report on cyberwarfare that is raising eyebrows for the way it named China and Russia as the sponsors of cyberespionage explicitly.
Jack Goldsmith wonders what naming them will accomplish.
I am sure that naming the Chinese and Russians specifically and openly was a big deal inside the government. The Wall Street Journal reports that a “senior intelligence official said it was necessary to single out specific countries in order to confront the problem and attempt contain a threat that has gotten out of control.” Perhaps so, but naming names alone will not accomplish much. For one thing, the U.S. government has presented no public evidence on Chinese and Russian cyberespionage, and those countries generally deny it. (Chinese Embassy spokesman Wang Baodang said yesterday, in response to the DNI Report, that China opposes “any form of unlawful cyberspace activities.”) For another, Cyberespionage does not violate international law. For yet another, the United States itself, while it does not engage in broad-ranging industrial or economic espionage, does do so on a limited scale.
[snip]
In light of these factors, it is hard for me to understand what naming names is supposed to accomplish, especially since the Chinese and Russian hand in industrial espionage is widely known.
Whereas Shane Harris compares this moment to Churchill’s Iron Curtain speech.
The report marks the first time the United States government has unequivocally stated, in empathetic and highly publicized fashion, that China and Russia are responsible for a pervasive electronic campaign to steal American intellectual property, trade secrets, negotiating strategies, and sensitive military technology. This is not the first time sitting US officials have singled out Chinese and Russian cyber theft. But those complaints were largely off the record and carefully calibrated not to be read as a shot across the bow of America’s strategic adversaries. This report, however, is that shot.
[snip]
And one is tempted to draw parallels to pivotal moments of the last cold war, which were underappreciated at the time, or even ridiculed. The release of this report may turn out to be the Internet’s Iron Curtain moment. Though it landed with much less ceremony and eloquence than Sir Winston Churchill’s fateful 1946 address, it nevertheless does the same job: It makes clear the stakes as the United States intelligence community sees them, and it throws down a challenge against Russia and China, which are judged to be the two greatest strategic threats to American prosperity and influence.
But there’s something funny about this grand moment. Sure, the report names and shames China and Russia. But it also makes clear that our allies [cough, Israel] are also stealing our stuff. Here’s how the executive summary presents the culprits.
- Chinese actors are the world’s most active and persistent perpetrators of economic espionage. US private sector firms and cybersecurity specialists have reported an onslaught of computer network intrusions that have originated in China, but the IC cannot confirm who was responsible.
- Russia’s intelligence services are conducting a range of activities to collect economic information and technology from US targets.
- Some US allies and partners use their broad access to US institutions to acquire sensitive US economic and technology information, primarily through aggressive elicitation and other human intelligence (HUMINT) tactics. Some of these states have advanced cyber capabilities.
If this theft is such a big deal, then it’s a big deal whether China does it or Israel. Hell, since Israel often steals our defense information than sells others the war toys we sell to them, in some ways it presents a more immediate threat.
And whatever the significance of naming China and Russia might be if they were the only culprits, shaming them while at the very same time admitting that our buddies do the same thing sort of makes us look like chumps or hypocrites.
Which is all the more hysterical given that the report cover features a thumb drive–the means by which we continue to make it child’s play to give us viruses that make stealing our stuff easier–wielded like a bright red gun to represent the danger.
*heh* European Poll: Israel Biggest Threat To World Peace…
*cough* *cough*
I’ve been wondering about this one, too. I’ve heard some rumblings today that there will be a big push by the military to do more offensive cyberwar stuff. Is this report just intended to provide cover for that? The parents among us have all heard this one (and a whole lot of us have done this one), right?
“Mom, he started it.”
That’s about the intellectual level that we are approaching this whole area. It’s just insanity for us because we have the most to lose by escalating the so-far phony cyberwar. Apparently, the Pentagon wants to turn it into a real war.
While I was in China last week, the CCTV ran a report about cyber attacks, making the observation that it wasn’t their fault because half of the attacks came from outside their borders, followed by a list of suspected sources that covered about 20 – 30% of sources.
The thing is that the perception is actually correct that the Russians and Chinese have been tapping our intellectual and military secrets for decades [remember the Yankee class boomers? The design plans were made from the Revell model in the first pass] because it is easier to steal than design. They also make no pretensions about being our allies, like the Israelis do.
They are also undermining our interests in Syria and Iran, perfectly willing to let us hang out to dry so they can profit from our weakness. Pay attention to the BRICS process, it’s the alternative to the G8 [even if China and Russia are part of the G8].
@WilliamOckham: Well, and tomorrow’s the hearing on “counterfeit” parts in defense contracting.
Now, first of all, I’ve never understood why we assume these are just fraud and not sabotage?
Furthermore, even assuming it’s sabotage and not simple fraud, then where do we get off, having launched a much more advanced form of sabotage on Iran?
Furthermore, even assuming it’s sabotage, why the fuck aren’t we just mandating that chips come from the US?
It’s things like the outcry over these “counterfeit” chips that makes mse sure we’re going to come to a more embarrassing end than the Romans.
well, we’ll see what this is all about in time.
certainly it would make extraditing and hanging julian assange less objectionable to the public,
not to mention justification for treating bradley manning’s behavior as treasonous, rather than the misdemor it was.
the picture thru next november is emerging:
poor, helpless united states is under attack from everywhere – the iraquis, the afghans, the pakistanis, yemen, somalia, and now we discover, from the big bad bugaboos russia and china, and even an “ally” (can one be attacked by an “ally”?).
computer-wise, how times have changed
from when all we had to worry about was bulgarian programmers creating viruses and spammers selling watches and penis enlargers.
@orionATL:
My thought also, as corp. Amerika dumbs down the citizens of this nation with the help of their paid lackies in govt. and know they are suprised they can’t keep up. I just don’t feel any pain for them as they crush Main Street America. Oh well couldn’t happen to a better group and maybe it will speed up the down fall of corp. Amerika and yes it hurts Main Street more but something has to change here.
anytime anything is released to the american public by an american “intelligence” * official,
that information should be treated as:
– an almost certain manipulation of american public and/or congressional opinion
– very likely a half-truth
– quite possibly a lie.
the intelligence services do not work to serve the best interests of the nation or its people.
they work to meet the demands of the white house, and to serve the interests of their particular organization and their co-workers.
they are never in the business of educating the american people, of “telling it like it is” to the american people;
they are in the business of manipulation american publuc opinion.
if one uses this world-view as a template for evaluating information released by “high-level intelligence officials” one is a lot less likely to be misled and misinformed.
@WilliamOckham: I’m in that camp, when DUQU or Stuxnet 2.0 get tracked back to the NSA they’ll use the “They started it!” excuse.
OR, it’s just another excuse to implement their “internet kill switch” for our protection. When the mass revolt finally hits the PTB will kill the information exchange with the excuse we were being cyber attacked by Russia or China.
@emptywheel:
It’s still the law, massively ignored, that the military hardware is sourced from the USA. Not that there’s anything that will be done with it.
I think the thinly veiled Red Scare cover art alone is hilarious and worthy of a Betty Bowers parody.
@emptywheel: That’s what I think. We give these nations at least as much as they steal, just by outsourcing all manufacture. We gave China the plans for wind turbine blades, which turn out to be very useful in creating silent propellers for submarines. We let them manufacture all our computer chips. Of course they steal the plans.
I was hoping someone would make masscaio’s point. We have done everything – at least our industrial masters have – to make China into the big scary threat it has become economically. Multinationals are not loyal to any country- that means you, GE et al.
It’s not as if the US government and its legions of private sector “intel” and “security” advisers do not hack into, steal or attempt to destroy the secrets of domestic and international actors, is it? It’s not as if we haven’t relied on Israeli s/w for a decade to develop weapons and cyberwarfare capabilities, is it? It’s not as if naming old bogies, who might well be doing as claimed, is an attempt to distract from our own government’s poor record of maintaining routine h/w and s/w security measures – measures long ago adopted by private companies – even while it insists that other governments give us unrestricted access to the digital lives of their private citizens.
As you say, there’s a great deal missing from this, “The sky is falling” narrative. My guess is that what’s missing is the USG’s own record in this area.
Still laughing over Goldsmith’s take from your link above:
“For one thing, the U.S. government has presented no public evidence on Chinese and Russian cyberespionage, and those countries generally deny it. . . . For another, Cyberespionage does not violate international law. For yet another, the United States itself, while it does not engage in broad-ranging industrial or economic espionage, does do so on a limited scale. ”
From a reliable proponent of forever detentions of crazed with torture Chinese Uighurs and guys with al (or el or Abu …) in their names. And to top it off, he makes the point that no one in Congress ever made when they were arguing for the right to engage in surveillance of any international communications of any kind – – that the US government does engage in industrial and economic espionage and foreign nations might not be endeared at finding the telecoms operating in their countries cooperating in such handoffs of information.
@WilliamOckham: @2 http://www.haaretz.com/news/diplomacy-defense/israel-government-security-services-websites-down-in-suspected-cyber-attack-1.394042
It’s also possible that the US is planning on bring the problem to the UN and/or proposing some international treaties about this. When was the last time the US proposed any world wide International treaties? Yeah, so trying to make it look like the US isn’t a sideliner in diplomacy these days without having to really take any risks is probably the plan.