By Wayne Rash | Posted 2013-02-21
NEWS ANALYSIS: For a long time nobody in the government
wanted to talk about the stealthy cyber-war the Chinese government was waging
against the U.S. It's time to shine some light on what's been going on.
The news broke over Washington like the flash of an
exploding meteor. China, according to The Washington Post, had hacked its way
into the computers of virtually every institution in the city.
Every government agency, every defense contractor, and
nearly every human rights group, Congressional office, law firm, embassy and
news organization. The attacks on the nation's capital were so massive that it
probably would be easier to list the organizations that had been missed,
assuming there are any.
Worse, the attacks have been mostly successful. The Chinese
state-sponsored hackers have collected terabytes of information. In fact, the
collection of information is so massive that the biggest question isn't what
they got, but how they plan to process it all.
What's worse is that the Chinese hacking attempts have been
so massive that there are many indications that cyber-spies from Russia, France
and Israel have also been snooping around Washington institutions, using the
hacking activity by China as cover.
Right now, it's not clear how successful those three nations
have been because they've either covered their tracks so well that we can't
find out or they never accomplished much. Considering the players involved, my
guess is that Russia and Israel probably got what they wanted and left without
evidence. The motives and goals of the French are less clear.
But what is clear is that the Chinese attacks on Washington
and on the U.S. government and its contractors are tantamount to waging a true
cyber-war. These attacks aren't like the ones reported by Mandiant in which the
spying was economic and was aimed at benefiting Chinese businesses and economic
activity. The attacks on Washington are military spying, pure and simple.
So the question is why aren't U.S. government officials
talking about it yet? Sure, there are many news organizations, including The
Washington Post, that are admitting that they've been penetrated. Plenty of
security experts are giving specifics of who or what has been attacked by whom
and revealing details on what was taken. But the U.S. government is silent on
the topic.
Initially, it was easy to see why this might be so. The U.S.
military and intelligence community didn't want to admit their networks and
databases had been penetrated, because they didn't want the Chinese to know how
successful they'd been. But that time has passed. Everyone knows what the
Chinese are up to, and everyone has been hacked. So, why the secrecy?
When criminal activity is going on, it frequently helps to
make the activity public. Crooks hate exposure, which is why security lights
and cameras work fairly well. The same is true of covert military and
intelligence operations. The Chinese, like every other gang of spies, hate to
be uncovered. They're embarrassed. They lose face.
This is exactly why the Chinese should have their collective
noses rubbed in it. This is why the U.S., with proof of the attacks in hand,
should say what happened, who did it and what they did, all the while pointing
fingers at the Chinese government that sponsored the hackers. While there could
be some diplomatic repercussions, I'm not sure how significant they might be.
After all, China is already attacking us.
But there's one thing criminals and spies hate more than
having a light shined on their activities: It's having to deal with the
consequences of their actions. Right now, the Chinese are betting that we'll
never take action of any kind and that they'll simply be allowed to break in to
whatever they want and take whatever they want while the U.S. sits around
whimpering furtively.
But perhaps the time has come to stop whimpering and start delivering
consequences. We know who they are, we know where they are. We can deliver a
response in the form of a cyber-attack of our own if only we could gather the
political will.
But it would, in other words, take guts. It would take
someone who is willing to make the Chinese pay for their actions by having
their networks taken down, their data erased and their base of operations made
useless.
Then it would mean that the Chinese would lie defenseless
before us while we sucked them dry of the information they've gathered from us,
as well as whatever else they may have handy. The military secrets of the
Chinese, for example.
This sounds like war, you say? That's because it is. This is
the long-talked-about "cyber Pearl Harbor." The nation's innermost
secrets have been laid bare. Worst of all, we may not know for many years into
the future how this relentless cyber-spying campaign has compromised the
nation's security, its military readiness or the integrity of our critical
infrastructure.
China has had a free hand with our IT systems. Returning the
favor—in spades—is the least we can do.
No comments:
Post a Comment
Please see our site at lkconsulting.net