Alleged China attacks could test U.S. cybersecurity policy
But what the government can really do remains unclear
Computerworld - The attacks on Google and more than 30 other Silicon Valley companies by agents allegedly working for China is focusing renewed attention on the issue of state-sponsored cyber attacks and how the U.S. government should respond to them.
The U.S. has no formal policy for dealing with foreign government-led threats against U.S. interests in cyberspace. With efforts already under way to develop such a policy, the recent attacks could do a lot shape the policy and fuel its passage through Congress.
In a revelation that was surprising for its boldness, Google on Tuesday said that agents possibly working on behalf of the Chinese government had hacked into its computers -- and those of more than 30 other multi-national companies. Also hit: Adobe.
This is not the first time Beijing has been accused of state-sponsored espionage. Over the past five years, China has been implicated in dozens of attacks involving U.S. commercial, government and military targets. The most sensational of these involved a Chinese hacking group called Titan Rain, which in the early 2000s is believed to have stolen U.S. military and nuclear information.
For the most part, the official U.S. response to the attacks amounted to little more than expressions of outrage and protest by lawmakers. On Tuesday, Secretary of State Hilary Clinton released a statement asking the Chinese government for an explanation for the attacks, which raised "very serious concerns and questions." On Wednesday, Sen. Joseph Lieberman (I-Conn.), the chairman of the Senate Homeland Security and Governmental Affairs Committee, said that attacks like the one against Google must be confronted "aggressively and with all available means."
"The official response will be, 'We are highly upset about this and we demand you stop it,'" said Ira Winkler, president of the Internet Security Advisors Group. (Winkler is also the author of Spies Among Us and a Computerworld columnist.) "The reality of the situation is we are screwed. The political reality is that China, in large part, is funding the U.S. deficit. We have no leverage.
"We just can't cut China off," he said.
Articulating a response to government-led cyber attacks isn't easy.
"We have to keep one thing in mind -- it is extremely difficult to attribute a cyber attack to a foreign government," said Greg Nojeim, senior counsel at the Center for Democracy and Technology (CDT), a Washington-based think tank. "There is often a lack of certainty in that regard that makes it really difficult to decide what kind of response to make."
And even if the evidence is there, it's futile to launch any kind of cyber-retaliation, he said. "That's something that should be off the table. You don't want to have a cyberwar where you fight fire with fire. That could burn the whole house down."
Web giants attacked
- White House orders security review in wake of WikiLeaks disclosure
- Leaked U.S. document links China to Google attack
- Update: Researchers track cyber-espionage ring to China
- Google, China now playing cat and mouse?
- McAfee: 'Amateur' malware not used in Google attacks
- Military warns of 'increasingly active' cyber-threat from China
- China: Google 'totally wrong' to stop censoring
- Update: Google stops censoring in China
- Google's China ad partners wait in 'incomparable pain'
- Google may soon leave China, reports say
- Comprehensive Advanced Threat Defense The hot topic in the information security industry these days is "Advanced Threat Defense" (ATD). This paper describes a comprehensive, network-based approach to...
- Advanced Threat Defense: A Comprehensive Approach In this interview, Peter George, president, General Dynamics Fidelis Cybersecurity Solutions, explains why we need more than anti-malware, and what constitutes a comprehensive...
- 2013 Cyber Risk Report The "Cyber risk report 2013 Executive summary" presents the major findings of HP Security Research's comprehensive dive into today's cyber vulnerability and threat...
- Cybersecurity for Dummies eBook This book provides an in-depth examination of real-world attacks and APTs, the shortcomings of legacy security solutions, the capabilities of next-generation firewalls, and...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- What should I look for in a Next Generation Firewall? SANS Provides Guidance With so many vendors claiming to have a Next Generation Firewall (NGFW), it can be difficult to tell what makes each one different.... All Cybercrime and Hacking White Papers | Webcasts