DNCHack is the ‘most significant’ of any cyber attack ever seen: Thomas Rid

The Korean War helped establish a norm of behavior during the Cold War.

Where is the hacking of the Democrats during the 2016 election heading? I would compare it to one of the major inflection points of the Cold War that changed the behavior of superpowers afterward.

Thomas Rid, professor in the Department of War Studies at King’s College London, has recently made a similar assessment.

“I think this is one of the most serious cyber attacks – if you want to call it that – that we have ever seen. One of the most consequential ones. – Not technically. It’s not like the blackout in Ukraine. – But on the political level I think this is more significant than possibly any other cyber attack that we have ever seen.”

“A lot of credibility at stake.

“I think the evidence is quite strong here.

“What the Russia intelligence community are doing here is setting a de facto norm.”

For all of the search for “norms” in cyberspace, I believe that whatever the US does in retaliation for the DNC Hack will effectively establish the “norm.”

Rid’s comments came from the New America/Christian Science Monitor cyber security podcast.

US-China cyber agreement, the hotline, and the “knowingly” qualification

Xi Jinping’s US visit has yielded a modest agreement between the US and China regarding hacking. Very modest.

Stopping, or at least slowing, the theft of US commercial data that can aid foreign businesses is a central concern to the US. But the one line that addresses this phenomenon in the agreement has a troubling qualifier in it.

“The United States and China agree that neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.”

“Knowingly” makes all the difference. Because if China’s government is unaware of the commercial hacking efforts, it’s hard to hold Beijing responsible.

Possibly the most tangible result is the establishment of a hotline to be used with a group of high-level officials on both sides, to support “fighting cybercrime and related issues.”

On the US side it will include:

The Secretary of Homeland Security
The Attorney General
with input from the FBI and intelligence agencies.

On China’s side:

An official at the ministerial level
the Ministry of Public Security
the Ministry of State Security
the Ministry of Justice
and the State Internet and Information Office

But the wording suggests this is separate from the all-important issue of commercial hacking. That use of hacking would come under the “search for norms” statement on China and the US.

“Both sides are committed to making common effort to further identify and promote appropriate norms of state behavior in cyberspace within the international community.”

Already US Director of National Intelligence James Clapper has said he wasn’t optimistic the deal would slow China’s cyber onslaught.

The same Reuters report contains this line: “…there were questions about the extent to which it was orchestrated by the Chinese government.”

Either the Chinese government is masterminding and controlling these raids on valuable US corporate data and hiding its hand in them, or the Chinese government is not fully in control of them. In fact, in many cases, the Chinese government is helpless to control them. Hence, the “knowingly” clause of the agreed pledge.

If that’s the case, it says a lot about the division of power within China, with central authorities themselves unable to rein in the activity. I suspect the real importance of this agreement about economic hacking may be how much it tells the world about the kind of control Beijing exercises over hacking taking place on their territory. To be fair: the US struggles to police hacking within the US. But when the target is high-profile enough, US authorities throw resources at it.

Robert Knake of the CFR sees another future implication of the deal. He notes that under the terms of the deal, China is expected to respond to requests for law enforcement actions from the US. “This is how the United States will measure the Chinese commitment,”

A big part of the BRICs rise is the elevation of BRIC-level governance onto the world stage. So it remains to be seen how China handles this challenge. But I suspect it’s quite a bit different from the twilight of the Cold War, with its treaties and dialogues that were effective in changing the world. We’re all still searching for the new rules. I imagine they will only become apparent after more crises.

China’s ‘sprawling hacking-industrial complex’ – Su Bin accused of stealing Boeing’s aviation data

It looks like the team at the Justice Department specially trained to handle hacking investigations has been busy. Only weeks after the indictments of the five PLA officers, a new case has been publicized. The Justice Department unsealed an indictment against Su Bin, a Chinese citizen in Canada, and two unnamed co-conspirators, for breaking into Boeing’s computers to pilfer information about the C-17, F-22 and F-35.

Su Bin sold the plans to Chinese businesses. The nature of the case underscores how messy the relationship is between China’s military and the hackers who freelance. In fact, you can argue that the cyberhacking issue provides a peephole into how complicated, if not disorderly, the relationship is between China’s state and its citizens in matters of industry and military. It shows that while China’s military is huge – it’s not exactly a monolith.

The Wall Street Journal: The complaint helped to answer one question about China’s sprawling hacking-industrial complex. The country’s cyberwarriors, some of whom work for the military and others on their own, hit so many targets and vacuum up so much information, that at times it can be hard to tell who is directing them, a former U.S. official said.

Many hackers work as freelancers, sometimes during off hours, then try to sell stolen information to state-owned firms.

This scale would help account for the repeated accusation from the US that the size and persistence of China’s hacking is remarkable compared to other countries. Russians are considered some of the most skilled hackers, but not necessarily as prolific as those from China. In a way, the scale advantage for China is natural, given the size of the country. One question is whether scale equals advantage in the cyber realm, where one well-executed exploit, one particularly subtle algorithm, can automate a function and do what it would take millions of humans to do.

These are computers we’re talking about.

Another comment related to this WSJ story is also important. A reader of the story, whose name I won’t include here, describes the “thousand grains of sand”, or mosaic style of Chinese information theft and gleaning. On the quoted WSJ story, this reader writes:

The difference between cold war spying (US vs Soviet) and today’s spying (US vs China) is also the most difficult for the US to understand and handle: During the cold war (before internet and global commerce), spying was a competing game between governments and professionals.

Today’s China play[s] that government and professional game but also a civilian game. [In] the civilian game it plays, China takes advantage of many overseas Chinese’s cultural identity and national loyalty. In that sense, Chinese shares a lot with Jews in the cultural identity and sense of belonging, except [it] may be even deeper with some Chinese people.

With that kind of mind set (not in all but many Chinese residing outside of China), it is very easy for the Chinese intelligence to exploit its human resource advantages at least quantitatively if not qualitatively. That plus the promise of money will make many Chinese emigrants living in Western world tempt to think twice when they are approached by Chinese intelligence.

Notice the commenter himself describes China’s snooping advantage as “quantitative…if not qualitative…”

In these matters, I think China sees scale as a central advantage – much like in trade, geo-economics, negotiations, etc. The question for the world outside of China is whether that’s actually true.


China hacking US universities – and hints at a new East-West normal

This might seem like a simple follow-on story to recent China-US hacking stories, but the NYTimes piece is really central to understanding what’s going on between China and the US. Yes, everyone is hacking everyone, as the Snowden revelations make clear, but the threat of reams of intellectual property being siphoned off by China from the US is one of the biggest strategic worries in Washington because it could seriously undermine the US’s long-term economic outlook.

Two details of note in the NYTimes piece that may foreshadow the new normal, in which Western knowledge-workers dump their electronics upon leaving China, or don’t take them in the first place…

From NYTimes’ Richard Perez-Pena: 

Some universities no longer allow their professors to take laptops to certain countries, and that should be a standard practice, said James A. Lewis, a senior fellow at the Centre for Strategic and International Studies, a policy group in Washington. “There are some countries, including China, where the minute you connect to a network, everything will be copied, or something will be planted on your computer in hopes that you’ll take that computer back home and connect to your home network, and then they’re in there,” he said.


Last year, [the University of] Wisconsin began telling faculty members not to take their laptops and cellphones abroad, for fear of hacking.


In other words, a future of ring-fenced, air-gapped technology, where, yes, it’s possible that tech people and academics would visit China and Russia armed only with paper and pen.