Cyber Roundup (2/23): Brace yourself . . . cyberexploitation stories are coming.

I step away from the blog for two days and there is an avalanche of stories on Chinese cyberexploitation, Mandiant, and the USG response.

In case you missed it (I doubt it), here’s the NYT story that started it all.  That Mandiant story has generated a huge media response that I just don’t get.  We’ve been hearing the same stuff for the past 2 years . . . where was the outrage then?  Does a private firm’s unclassified report attributing cyberexploitation to Chinese hackers really change that much?

To be clear, I loved the Mandiant report, I love Mandiant, I love the decision to publish it.  Not everyone does, however.  A few notable bloggers attacked the report over its methodology, conclusions, etc.  There was even a Twitter war between one blogger and Mandiant’s CSO, resulting in an interesting back-and-forth and even a Twitter parody account.

Anywho, let’s get started.

***

We’ll open with some humor to lighten things up.  The Global Times (a Chinese newspaper with Communist Party ties) ran a pearl of an op-ed responding to U.S. allegations.  A few of the more illuminating portions:

The absurd allegation that a Chinese military unit is behind cyber attacks against the US government and firms continues to ferment. The US has staged a performance so beautifully planned that the Chinese are finding it hard to grasp Washington’s real purpose.

…

China has been too tolerant in previous Internet disputes with the US. Since China’s tolerance was not appreciated by the US, China should confront the US directly.

…

China has no obligation to foster ties when some Americans spit on it.

I weep to repost such trash on my beloved blog, but it’s simply too laughable to ignore.

***

In the USG “response” category:

• Jason Healey had an article for USNews on President Obama’s next move in fighting Chinese cyberespionage.  Noting a “sea change” in the public release of the WH’s trade theft strategy, Healey believes the administration must release specific examples of Chinese intrusions and issue a new cyber EO that may punish firms which use stolen American IP. 

• Max Fisher wrote for The Washington Post and discusses the difficulty of changing Beijing’s cost-benefit analysis on cyberexploitaiton.  Fisher also explores China’s complicated view of itself as a nation “both insecure and bellicose”, beholden to Sinocentrism and perhaps unwilling to seriously listen to US diplomatic efforts.  Interesting article.

• Dean Cheng wrote for The Heritage Foundation, suggesting that Chinese cyberattacks need a robust response and exploring PLA doctrine on cyber.

• Jack Goldsmith wrote a blog post for Lawfare that touched on the USG strategy to confront Chinese cyberexploitation.

• The Hill’s Brendan Sasso notes that “the Obama administration is considering whether to use economic sanctions to retaliate against China . . . but aggressive measures risk sparking a trade war.  . . .”

• Stewart Baker wrote for The Volokh Conspiracy and offered some thoughts on retribution.

• An older (2/19) NYT op-ed on China’s cybergames.

• A 2/22 opinion piece by the WSJ’s John Stephenson & Karla Jones on fighting cyber warfare at the state level

Each article, in some respect, questions whether a USG strategy revolving around naming/shaming or economic sanctions will work.  I’m going to plug my idea again: have USG hackers target and degrade the Great Firewall of China while authorizing private sector hackback under a closely regulated deputy relationship with the DOJ.  The ruling members of the Communist Party are very guarded about their image; if the Great Firewall went down, and Chinese citizens could access stories like the NYT’s piece on Wen Jiabo, then the Chinese will pay attention.  I get that this route is controversial, but it falls below the use of force threshold and may be less controversial than economic sanctions.

***

The AP’s Lolita C. Baldor wrote an article (relayed via the San Francisco Chronicle) explaining that the “next meeting of NATO defense ministers will include a major focus on cybersecurity.  . . .”

***

In a somewhat humorous twist, Reuters reported that hackers began to circulate tainted versions of Mandiant’s report in order to infect computers.

***

Via the Taipei Times: “Taiwan has stepped up cybersecurity cooperation with the US and intends to take part in planned cybersecurity exercises.  . . .”

***

Disturbingly, Forbes’ Andy Greenberg notes that Unit 61398 likely wasn’t even China’s ‘A-Team.’  The article included an interview with Mandiant’s CSO, Richard Bejtlich, explaining that Unit 61398’s sloppy work paints them as a “high quantity attacker but not a high quality attacker.”

In an interesting twist, Business Insider’s Robert Johnson suggests that the Chinese may have intended to be caught in the NYT hacking scandal.  Essentially, good hackers cover their trackers really well, so if you’re finding tracks it suggests that the hackers wanted you to know they were there.

***

Peter W. Singer & Ken Lieberthal wrote a report for Brookings exploring the impact that cybersecurity has been having on US-China relations.  Here’s the report, here’s the Brookings website linking to the report.

***

Shane Harris wrote for The Washingtonian on why Mandiant decided to go public with its report.  Interestingly, China’s “comical” denials played a role.  I’ve been a big fan of those comical denials for a while now.

***

Craig Timberg & Ellen Nakashima reported for The Washington Post on how Chinese cyberspies have hacked most Washington institutions, including:

. . . law firms, think tanks, news organizations, human rights groups, contractors, congressional offices, embassies and federal agencies.  The information compromised by such intrusions, security experts say, would be enough to map how power is exercised in Washington to a remarkably nuanced degree. The only question, they say, is whether the Chinese have the analytical resources to sort through the massive troves of data they steal every day.

That’s one of my big questions . . . what the hell are the Chinese doing with all this information?  How can they sort it all out and make sense of it?  It’s like the US military’s problem with the drone feeds . . . it’s not a matter of having information, but having too much information and accurately sorting through all of it.

***

And in what should surprise no one, Congress is vulnerable to cyberattacks (as reported by The Hill’s Jennifer Martinez).

***

The Economist ran two cybersecurity articles:

• Smoking gun: Evidence is mounting that China’s government is sponsoring the cybertheft of Western corporate secrets.  What should America do to stop it?
• Getting ugly: If China wants respect abroad, it must rein in its hackers

***

Finally, a very interesting article for The Atlantic by Matt Schiavenza on China, its hackers, and the American media.

***

I retweeted this, but it’s worth another look, for the lulz.  There’s this Taiwanese news outlet that makes parody videos for notable news events.  Highlights include Obama being punched by a Chinese panda, Coke’s negotiating strategy, and the Taiwanese view of everyday Americans.