The “four harms” of Chinese cyberhacking

In order for the US to have reason to respond to China‘s cyberattacks, the malicious activity must do one (or more) of the following:

1) Attack critical infrastructure like utilities.
2) Disrupt major computer networks.
3) Steal trade secrets and intellectual property.
4) Benefit from stolen trade secrets and property.

On the retaliation side, the US is considering:

1) Indictments.
2) Sanctions.
3) Diplomatic responses.
4) Ouster of known Chinese agents.
5) Covert cyber actions.

US offensive cyber capabilities, The Guardian, and the new rules of the game

No big surprise here, Guardian. The White House has been hinting about this for some time. On Twitter, the pundits seems to be clutching to this blind quote:

“We hack everyone everywhere. We like to make a distinction between us and the others. But we are in almost every country in the world.”

The US likes to haul China before the international court of public opinion for “doing what we do every day”, the source added.

But the most important quote comes earlier. Says a US official:

“Once humans develop the capacity to build boats, we build navies. Once you build airplanes, we build air forces.”

“As a citizen, you expect your government to plan for scenarios.”

And why shouldn’t the US? I think US citizens would be outraged to learn their government wasn’t capable of hitting back when the US is hit.

The same official says the US is ” very interested in having a discussion with our international partners about what the appropriate boundaries are.”

And that’s what Obama and Xi are doing, as I post this. Although the US no doubt has a robust hacking regime (i.e. it “hacks everyone”) it would be interesting to see how deep the links are between the NSA and Goldman Sachs, for example. Especially compared to links between PLA Unit 61398 and say, Huawei, ZTE and China’s state-owned-enterprises, or its major steel makers looking for sensitive pricing data from resources companies abroad.

It’s China’s use of cyberespionage to bolster its industries and economy that is likely forcing the US to consider offensive responses. And note the American preoccupation with rules, laws and “appropriate boundaries.”

This isn’t to say the Guardian and Washington Post scoops aren’t important. But regarding offensive cyber operations, the scoops might not be important in the way much of the West is taking them to be.

I would be really curious about the nationality of American Glenn Greenwald’s source for these “leaks” in particular. As an aside, it’s worth noting that The Guardian suffers more than most UK publications from the Athens-Rome complex with regards to the US. Who can forget the Clark County debacle of 2004?

Is a healthy shot of hysteria over Chinese cyberspying just what’s needed?

Few countries do hysteria as well as America. It’s in the blood. From the Salem Witchtrials to the Red Scares, it’s a talent. So it’s no surprise there is has been a shudder of hysteria in the recent reporting about Chinese hacking of US weapon secrets.

First The Washington Post reports that China has access to a cache of American military secrets. Then the Pentagon downplays the report

The truth is probably somewhere between the two reports. But to be honest, a certain amount of alarm is overdue, especially after decades of complacency about China. Obviously, something is amiss.

The free-trade Utopianists fought to liberate China with most-favored nation status. The thought at the time was that it would, for US business, open whole new vistas of profits. Free minds would follow free markets, I seem to remember hearing from a pre-9/11 America, whose cocksure business lobby was firmly in the driver’s seat of government and much of society.

A decade after China’s accession to the WTO, things haven’t worked out as planned.

Human rights have not marched forward in China – but let’s face it: US business could have lived with that outcome.

Instead, in 2013 Chinese authoritarian capitalism poses a direct challenge to Western business and government. It’s one thing for Western business to have trouble profiting from China, it’s quite another for the Chinese model to threaten the system upon which Western capitalism is based on.

When all blueprints and trade secrets stored on computers are up for grabs by Beijing to be incorporated into the goal of advancing China’s progress (or resumption of their premier place in world affairs – as they see it), it really raises the question of how the US business, but also government and people, will respond.

Looking at tech, David Gewirtz at ZDNet is on to something in his description of the cyberspying of the Chinese as consistent with ancient Chinese notions of war. Give Gewirtz credit for pulling together the strings on this:

“The skillful leader subdues the enemy’s troops without any fighting; he captures their cities without laying siege to them; he overthrows their kingdom without lengthy operations in the field.”

Sun Tzu repeats over and over the idea that once you get to shooting, you’ve given up your advantage. His entire strategic treatise is fighting the war before you fight the war.

Sound familiar? It sure seems like China is engaging in this cyberwar strategy using the Sun Tzu playbook.

And credit to Gewirtz here, too, for wrapping in an example from Battlestar Galactica. (It’s also interesting to read Gewirtz’s views on Chinese cyberprobing in light of the Senkaku-Diaoyu naval adventurism by the China). 

At this point, the reader may say: but the US hacks, too. True. I break out the difference between the Chinese strategic model and the US model here.

Given all of the above, US business, technology, and government must quickly learn something essential. If you want to effectively counter the China model: more of the same won’t work. More of the same, privatizing losses attributed to cyber theft, hiding them from the public, while socializing the risks for the economy and by extension the society won’t work.

And remember, the goal is not for the US economic empire to be “number one,” in anyone’s books. The goal is for the US republic to not get pinned down economically, technically, politically and have to answer to a foreign power wanting to revive an ancient order.

So the world will be watching to see if Obama shames Xi Jinping at their meeting next week in California. As Michael Auslin, from the AEI writes, it’s time to end the abusive relationship between China and the US.

Washington needs to admit that it is in an abusive relationship, and then find the courage to protect itself against further mistreatment.

In an ironic manner, Auslin, who proposes some decidedly non-free-tradey solutions including sending some “viruses back” to China, questions just what kind of relationship the US is fostering with China.

China’s top military leader told U.S. National Security Adviser Tom Donilon that Beijing wanted to create a “new type of major power relations.” Apparently that new relationship entails robbing your partner blind of his most sensitive secrets, then welcoming him for tea while mouthing nostrums about good fellowship.

There is a challenger out there, Uncle Sam, already as big and strong as you. So this is real, Uncle Sam: What are you going to do about it? A tinge of alarm is only necessary.

Freedom from coercion a goal in Australia’s 2013 Defense White Paper

Australia has released its 2013 Defense White Paper, and it’s a subtle and contradictory thing. There has been a lot of discussion about what kind of message the White Paper contains, especially compared to the 2009 White Paper that contained more explicit descriptions of threats to Australia in the Asian-Pacific region.

This time around, all of that alarmist language linked to China has been scrubbed. But a couple things stand out.

In the first paragraph of the section three, entitled Australia’s Strategic Policy Approach, the very first line lays out something I’ve seen little discussion in the media analysis.

“Australia’s national security interests are based on protecting Australia’s sovereignty – which includes freedom from coercion by other states – people and assets, building sustainable security in our region, and shaping a favourable international environment.” (Italics mine.)

That line, to me, would be aimed at China more than any other country. Even a causal observer of what’s going on the South China Sea sees bullying from China. And coercion is by no means limited to China’s dealings with developing countries like the Philippines, Vietnam. A more powerful China takes on more powerful, developed countries like Japan, Britain (if this story is true) and arguably the US with China’s industrial scale cyber theft.

Image

There is every reason to believe China would pursue a similar path with Australia, if it hasn’t already in the detention of China-born Australian citizens, for example.

Second, the much-discussed Future Submarine Program to support the creation of 12 new subs has elements of a sort of ‘moonshot’ effort, from my reading, at least. The paper says it represents “the largest and most complex project ever undertaken in Australia’s history.”

Under a section called “Greater linkages between Industry and the Education Sector” the White Paper notes falling enrollments in science, technology, engineering and math courses undermine defense industry capabilities.

To address the skills shortfall the government in the 2012-13 budget has already devoted $54 million over four years to increase study in those areas. Australia’s government is also sponsoring programs to build skills critical for the success of Future Submarine Program.

Note the implicit dismissal of free-trade in this matter. Similar efforts in the US – from outside the government – are underway now, twinning a need for a secure defense industry with the need of rebuilding industry as a whole.

Australia is – obviously – not gearing up for occasional skirmishes on the seas by adding here and there to its fleet. This isn’t a tactical, but strategic paper. What’s missing, as everyone notes, is money.

But Australian defense planners, using very diplomatic language, are laying the groundwork for a longer-term maritime competition in the region. And with good cause: while Australia’s military tolerates some dependence on global supply chain, should the seas surrounding Australia become contested, the country will be well-served if it can shoulder more of its own naval ship production.

The most diplomatic angle to the document is the reframing of Australia’s region of concern.

Australia calls the Indo-Pacific region, rather than the Asia-Pacific region (used in the title of the 2009 White Paper) as its core area of strategic concern. “Over time, Australia’s security environment will be significantly influenced by how the Indo-Pacific and its architecture evolves,” the paper states. Yet, Australia’s re-focus on the band stretching from Japan to India, sends a subtle message to Beijing that Australia doesn’t place itself in the middle of a Pacific-focused China-US cross current. At the same time, the paper explicitly reaffirms the Australian security alliance/reliance with/on the US. A big contradiction, handled very well in the writing of the paper – which itself is a product of the times.

…More on the cyber defense elements in another post.

(photo: Chinese sailors seeing off an Australian Navy ship. Courtesy Defence.gov.au)