Advertisement

Blog

America’s Declared (& Undeclared) Cyberwar

President Barack Obama issued an executive order in mid-February to make it easier for “eligible critical infrastructure” companies and the US government to share information about network attacks.

As the international cyberwar heats up, the executive order represents one of several ways the US government is attempting to protect national interests from network attacks and data theft. It is also the latest development in the US' reaction to increasingly common attacks that could have major implications on the world's supply chain.

The main goal of the executive order is to create more efficient best-practices and policies for protection against “the cyber threat to critical infrastructure, which continues to grow and represents one of the most serious national security challenges we must confront.”

The executive order follows an article published in the Washington Post about a classified government report it obtained on international cyberattacks. Foreign governments, especially China, are directly or indirectly sponsoring “massive, sustained” cyberespionage campaigns that are putting US technology and development secrets at risk, according to the article.

Foreign governments, especially China, are directly or indirectly sponsoring 'massive, sustained' cyberespionage campaigns, according to government investigators.

Foreign governments, especially China, are directly or indirectly sponsoring “massive, sustained” cyberespionage campaigns, according to government investigators.

Same hack, different day
However, the claims are hardly new. The article in the Washington Post follows a report issued last year by the Office of the National Counterintelligence Executive, which monitors espionage against the United States. While previously largely limited to attacks against military and government networks, the National Counterintelligence Executive maintains that international cyberthieves are increasingly stealing US trade secrets from private firms and using them to gain an advantage in the undeclared economic war. Attacks originating from Russia, Israel, and France are also prevalent, but China is by far the worst culprit, according to the Office of the National Counterintelligence Executive.

The economic consequences in the United States from trade secret and other data theft by foreign parties are significant but difficult to quantify. The Office of the National Counterintelligence Executive said the attacks could cost the US economy up to $400 billion a year, but added that some estimates are substantially lower. However, speaking on a recent edition of Face the Nation , Bob Orr of CBS News cited estimates by House Intelligence Committee Chairman Mike Rogers who said cybertheft against US interests represents up to $400 billion in stolen intellectual property.

No innocents?
But as the US government seeks to shore up its cyberdefenses, it is not necessarily a passive participant in this undeclared cyberwar. The US government, according to French media reports, was behind attacks on the French president's residence during the months leading up to the presidential elections last year. Both the US and France would not comment on the reports, yet credible national French publications, including L'Express and Le Télégramme, confirmed that the attack took place. Le Monde, one of the most well-respected newspapers outside of the United States, cited a French diplomat who said he demanded an explanation from the US government about why it accessed then French President Nicolas Sarkozy's emails and other data.

The US and Israel were unofficially behind the Stuxnet virus attack. Considered to be one of the most complex and lethal virus programs ever coded, the virus succeeded in crippling the supervisory control and data acquisition (SCADA) systems that Iranian scientists supposedly use to enrich uranium.

The French presidential and Stuxnet attacks are, of course, just two examples of attacks against foreign interests that supposedly originated in the United States. To the extent that the United States does apply its vast arsenal of defense spending to cybersurveillance and even cyberwarfare remains the stuff of chat room discussions and information that will remain classified for decades from now, if it ever does become known.

Technology theft
But as network attacks against US interests ramp up, the US government is also obviously worried about how illegally obtained technologies will shift beyond the shores of the United States. The theft potentially has huge implications in the technology industry, since stolen technologies developed in the United States, which spends the most in the world on research, could be marketed and produced elsewhere.

Citing China as the main culprit, Rogers noted during the Meet the Press episode how product blueprints and know-how are stolen by data theft and then used to produce specific products.

Rogers said:

I mean, the Chinese basically are replicating these products about as fast as they can. And we're not doing very much about it. This is the first stage of what could be a very, very big problem if they turn this pillaging of wealth into attacking key systems.

However, the US government's more aggressive role in protecting intellectual property from cyberattacks should have at least some effect. The US government should also likely step up its more offensive actions in this covert cyberwar, although those actions will remain very covert.

Meanwhile, each skirmish and battle won could have a direct effect on which countries get to produce which technologies.

16 comments on “America’s Declared (& Undeclared) Cyberwar

  1. ahdand
    February 20, 2013

    Not a good sign at all but I feel this has some good points too. It will definitely create some sort of an awareness among the public.

  2. syedzunair
    February 20, 2013

    It is not a good sign that countries start covert or open cyber wars. Unfortunately, this trend is on the rise and we see attacks on most nations by groups of hackers. Therefore, security must remain the first priority not only for the US but for all other nations too. 

  3. Brian Fuller
    February 20, 2013

    I wonder whether treaties will play a role in future cyberwarfare the way they did (or didn't) in conventional wars.

     

  4. syedzunair
    February 20, 2013

    I don't have high hopes. I say this because much of this is done by hackers who barely care about laws. Since, none of it is State sponsored the treaties will not be an effective tool. 

    What do you think?

  5. mfbertozzi
    February 21, 2013

    Well, it is a great thought and while I was thinking about, I finally reached the point that cyberwar started at the time of arpanet…then several decades ago…

  6. _hm
    February 21, 2013

    I assume all countries engage in cyber security and dervied cyber attacks. China does it and so does US. Why US is crying foul? Are they loosing the edge in cyber espionage?

    I may suggest one way of protecting it. Like we study it in control theory, introduce lots of noise in real data to misguide receiver. Even cyber attacker gets these plethora of data, it may be become very difficult for them to decode and make sense out of it.

  7. prabhakar_deosthali
    February 21, 2013

    Since the end of world war II , ther has been esoionage activity by almost all the countries to gather secret information about the political developments, the economic conditions, the warfare and so on.

    The internet has given everybody another tool to do espionage as well as the disruptive activities like the cyber attacks.

    Only differnece now is that unlike the earlier espiogae activity which involved sphisticated satellite systems which only countries like US could afford to deply, in case of the Cyber world it is more of a level playing field .

  8. FreeBird
    February 21, 2013

    The way the media is reporting this, the US didn't take appropriate steps earlier becuase of a threat to privacy. I don't think you can get a bigger threat than China hacking your system. I'm no fan of Big Brother, but in this case, US government measures are the lesser of two evils.

  9. Wale Bakare
    February 21, 2013

    The recently concluded world conference on international telecommunications tagged WCIT Dubai twenty twelve ( WCIT -12) was meant to address some of the pressing issues – internet governance being the top of agenda of the conference. But unfortunately this was not successfull as planned.

    http://www.itu.int/en/wcit-12/Pages/default.aspx

  10. mfbertozzi
    February 22, 2013

    @WB: thanks for link, it reports very clearly the result of the summit; the point, in my view, is that Internet acts as medium, for one part, for providing positive services and for another part, for providing bad services. Not easy to agree on common and shared rules for Internet government.

  11. mfbertozzi
    February 22, 2013

    @p_d: that's right and going further I am wondering the reason for still discussing about the way for using Internet in the negative sense; I don't forget for instance that at the time of tzunami in Japan, it was the only network running and it played a fundamental role in the emergency.

  12. ahdand
    February 22, 2013

     

    “don't forget for instance that at the time of tzunami in Japan, it was the only network running and it played a fundamental role in the emergency.”

    Yes true and social media was a great help during that time but we have to remember that we are using the internet basically most hours per day so the risk of getting into trouble via internet is very high. A very thin margin divide the good from the bad in internet

  13. Wale Bakare
    February 23, 2013

    >>Not easy to agree on common and shared rules for Internet government.<<

    Well, if trading and marketing only place of getting success heavily hinged on internet. Why so difficult in agreeing on goals and objectives for the sustainability of internet as well for its development? Now that internet is practically becoming everything for the world – securing it remains a big challenge. The longer it remains uncheckmated the bad its for businesses of the world.

  14. Mr. Roques
    February 26, 2013

    So the US is behind some attacks but is worried about China? Who's worried about the US? (the rest of the World). 

    They can't play the good guy and the bad guy, at least not in the same game.

  15. mfbertozzi
    February 27, 2013

    That's right WB, the Internet is right now pervasive, but any region is aiming the control of the local users and this is not an easy step to run, in my eyes.

  16. ahdand
    February 27, 2013

    Why everyone is worried about China here ? I dont see any sensible reason for them to be so. They always reject whats been offered if its from US and now they start complaining. 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.