Protect American IP by deploying malware to lock hackers, pirates out of PCs?

Chinese government hackers were accused of compromising critical weapon systems, but were also accused of 50 – 80% of intellectual property theft. In fact, the “Commission on the Theft of American Intellectual Property” suggested “not yet legal” actions such as deploying malware on the offender’s computer, locking down or destroying computers with illegal copies, and even “photographing the hacker using his own system’s camera.” Although stopping other countries from stealing American trade secrets sounds like a good idea, these aggressive tactics could also go after American file-sharing computers with pirated content.

Chinese military hackers

At the start of May, Bloomberg reported that the Chinese hacked a national security contractor and stole military secrets. That “lengthy spying operation on QinetiQ jeopardized the company’s sensitive technology involving drones, satellites, the U.S. Army’s combat helicopter fleet, and military robotics, both already-deployed systems and those still in development.” A few days later, for the first time, the Pentagon officially pointed an accusatory finger at Chinese government and military for cyber-espionage [pdf]. Now, after obtaining a confidential copy of a Defense Science Board report for the Pentagon, the Washington Post reported that Chinese hackers compromised “more than two dozen major weapons systems” that are “critical to US missile defenses and combat aircraft ships.”

The Chinese infiltrated some of the “nation’s most sensitive advanced weapon systems,” and accessed designs for the advanced Patriot missile system known as PAC-3, F/A-18 fighter jet, the Black Hawk helicopter, the Navy’s new Littoral Combat Ship, and the F-35 Joint Strike Fighter, which is the "most expensive weapons system ever built." The Pentagon is “frustrated by the scale of cybertheft from defense contractors.” In fact, an unnamed senior military official told the Post, “In many cases, they don’t know they’ve been hacked until the FBI comes knocking on their door. This is billions of dollars of combat advantage for China. They’ve just saved themselves 25 years of research and development. It’s nuts.”

The unclassified version, a report called “Resilient Military Systems and the Advanced Cyber Threat” [pdf], said insidious cyber threats “threaten our national and economic security.” This sentiment was recently echoed by a report published by the National Bureau of Asian Research on behalf of the Commission on the Theft of American Intellectual Property. The report accused the Chinese for 50 – 80% of intellectual property theft, also naming Russia and India as offenders, costing the US economy $300 billion a year. The authors wrote, “The sheer scale of cyberattacks on American companies, with corresponding economic interests at stake, causes the issue of IP to rise to a genuine national security concern.”

The US was said to lead the world as software manufacturers, but loses “tens of billions of dollars in revenue annually from counterfeiting just in China, where the problem is most rampant. The U.S. International Trade Commission estimated in 2011 that if intellectual property protection in China improved substantially, U.S. businesses could add 2.1 million jobs.”

Stopping Chinese hackers sounds good, but much of the IP theft occurs “the old-fashioned way" inside the US, the report added, “through copied or stolen hard drives, bribing or planting of employees, tapping of phones, pirating of software and the reverse engineering of products….While credible reports have emerged of Chinese army hackers raiding U.S. government and industry computers, the report said, ‘In reality, most IP theft is committed within American offices, factories, and even neighborhoods and homes’." The commission recommended "water marking" or "beaconing" to allow companies to identify stolen files and to make those files inoperable through cyber means.

Turn your attention to Cyber Solutions [pdf] in chapter 13 and here is where it gets freaky. According to the report on the “Commission on the Theft of American Intellectual Property” [pdf]:

Additionally, software can be written that will allow only authorized users to open files containing valuable information. If an unauthorized person accesses the information, a range of actions might then occur. For example, the file could be rendered inaccessible and the unauthorized user’s computer could be locked down, with instructions on how to contact law enforcement to get the password needed to unlock the account. Such measures do not violate existing laws on the use of the Internet, yet they serve to blunt attacks and stabilize a cyber incident to provide both time and evidence for law enforcement to become involved. 

While not quite that aggressive, Microsoft takes such an approach to protecting its intellectual property when the company scans for pirated copies of its OS under the umbrella of Windows Genuine Advantage validation. Users who need to “activate Windows,” as well as software pirates and some legitimate “genuine” consumers will have an error on the bottom right of their screen, saying, “This copy of Windows is not genuine -- You may be a victim of counterfeiting.”

But when Microsoft advocated mandatory PC scans and PC health certificates before a computer would be allowed an “unfettered” connection to the Internet, people were not cool with that kind of privacy invasion. Microsoft said such scans should not include "the enforcement of intellectual property rights or the creation of marketing profiles." Yet even if pirated software did not contain malware, the health scans could notify users of other "problems or configuration issues" that could increase the risk of the computer becoming infected with malware.

Ransomware to protect American IP

So while stopping other countries from stealing American trade secrets sounds like a good idea, what if the commission’s other recommendations were applied to pirated software or other content on Americans’ computers? Even though it is “not permitted under US law,” the IP commission suggested that companies should be allowed "to take further steps, including:"

actively retrieving stolen information, altering it within the intruder’s networks, or even destroying the information within an unauthorized network. Additional measures go further, including photographing the hacker using his own system’s camera, implanting malware in the hacker’s network, or even physically disabling or destroying the hacker’s own computer or network. 

It sounds like something the MPAA and RIAA would love, making the Six Strikes Copyright Alert System, which is reportedly “damn hard to trigger,” look tame in comparison.

Computerworld's IT Salary Survey 2017 results
Shop Tech Products at Amazon