Chinese intelligence and spying (catch all)

**davidbfpo** · 06-01-2012

This is rather balanced piece of advocacy on the threat from PRC cyber activity, from April 2012 by Jason Healey, Director of the Cyber Statecraft Initiative at the Atlantic Council of the United States (so a 'Beltway Pundit').

In brief a major challenge to the economic sustainability and health of governments and businesses alike.

The threat of Chinese espionage is so critical that the commander of our military cyber defenses has called it the “the biggest transfer of wealth through theft and piracy in the history of mankind.” But the threat is not bad enough to go on the record about the threat, to take risks to share needed information, or even to be willing to tell the Chinese to back off.

These are the government’s Three Silences. Added together I fear they are driving us to defeat.

First: Silence about the threat we face....Second: Silence about practical information which could help the private sector....This leads us to the last silence: Silence to the Chinese about our increasing fury.... By refusing to speak, either to our own people or to the Chinese, we are fighting on an asymmetric battlefield of our adversary’s own choosing. Going public, through naming and shaming those involved, is a winning strategy.

Link:http://www.acus.org/new_atlanticist/...cyber-silences

**Jedburgh** · 06-01-2012

Originally Posted by davidbfpo

This is rather balanced piece of advocacy on the threat from PRC cyber activity, from April 2012 by Jason Healey, Director of the Cyber Statecraft Initiative at the Atlantic Council...

Balanced? I don't read it as such. Hell, he even advocates a position where if an incident even appears as if it came from China, then we don't bother trying to track it - just hold the Chinese government accountable, regardless. And Healey's piece focuses only on the Chinese, which, although China may be the origin of the majority of cyber espionage, the threat is active in all corners of the world.

However, I do agree with Healey about declassification of malware signatures for private sector security. Overclassification is a serious obstacle to efficiency in too many key areas - a problem clearly identified post-911, but still nowhere near adequately addressed.

But back to the issue - Any realistic and practical advocate of cyber-defense should be stressing the growing potential global threat, not scare-mongering against one particular actor - especially when that characterization builds the perception that China is the sole threat. The threat is real, and although espionage originating from China makes up the largest proportion (Russia is a major, sophisticated player as well), that does not excuse minimizing or ignoring the global nature of cyber espionage. And the global threat will only expand and build with the growth and development of technological capabilities - in effect, the cyber threat is the 21st century's arms race, but with a potentially unlimited number of state and non-state players.

Fortunately, those at the dirty-boots level of cyber defense (who are never actually in a position to get their boots dirty) have been well aware of the growing nature of the threat for a long time, and have been actively engaged in the evolutionary and innovative development of counter-measures for just as long. The mouthpieces at the national public level are simply players engaged in what is to be a bureaucratic spillage of blood over securing future funding, as we approach a defense drawdown and cuts that may resemble the immediate post-Cold War era.

**AdamG** · 06-01-2012

1. File under "Quid Pro Quo, Clarice".
2. SWJ needs a "This Thread Useless Without Pics" smiley.

http://www.bbc.co.uk/news/world-asia-china-18299065

Hong Kong-based Oriental Daily quotes the monthly New Way as saying on 25 May that the official "fell into a pretty woman trap" set up by the CIA.

After the two were photographed in secret liaisons, he was blackmailed and agreed to supply secret information to the US, the reports say.

"The destruction has been massive," a source told Reuters.

**carl** · 06-01-2012

Jed:

I don't know that much about how this stuff works exactly which is why I am asking. There was a post over at Information Dissemination a few weeks ago and the author advocated allowing individual targets, companies basically, to take active measures (trons dueling trons kind of) to defend themselves if they are the target of cyber attacks or spying. From the tone of the post this does not happen now. What do you think of that? Are they permitted or encouraged fry an attackers machine now and if they aren't, should they be?

**Jedburgh** · 06-01-2012

Originally Posted by carl

Jed:

I don't know that much about how this stuff works exactly which is why I am asking. There was a post over at Information Dissemination a few weeks ago and the author advocated allowing individual targets, companies basically, to take active measures (trons dueling trons kind of) to defend themselves if they are the target of cyber attacks or spying. From the tone of the post this does not happen now. What do you think of that? Are they permitted or encouraged fry an attackers machine now and if they aren't, should they be?

I'm no expert on current corporate countermeasures either, but as far as I know its as you stated: US corporations are tightly focused on defensive measures, but they tend to be passive (at least with those that will discuss or publish security countermeasures in anything resembling a public venue appear to be that way). Some that would like to take active measures are deterred by concerns about legal liabilities resulting from the potential impacts of active measures along the lines of the counterattack type that you suggest - with liability being a constant concern of corporate lawyers in any case.

Sam may have better knowledge of current private sector defensive actions, if he wants to jump in.

Also, there is a government-private sector information sharing entity that has been in existence for a few years now, the Domestic Security Alliance Council, which is intended to facilitate the sharing of critical information between corporations and the FBI and DHS. A substantial part of that is focused on the cyber threat. I'm not saying its really effective, but its there and can be leveraged by the private sector.

And Dayuhan and Ken's remarks about education are also important in the context of an evolving long-term cyber threat - for at least the past two years there have been intermittent reports about the number of computer science grads being too small to meet economic demands, which may or may not also factor in cyber security demands. Hell, just last month the University of Florida was about to eliminate its Computer Science department - while increasing the athletic budget by around $2 million - until a huge outcry resulted in the reversal of that decision. But it remains clear that focus is lacking too many institutions of higher education, let alone our weak and damaged primary education system.