A quick survey of recent cyber news for those looking to keep pace with the ridiculous amount of stories that come out each day . . .
***
Jennifer Martinez reports for The Hill that President Obama will release the much anticipated cyber EO on Wednesday morning (2/13). Martinez explained that the EO will “establish a voluntary program in which companies operating critical infrastructure would elect to meet cybersecurity best practices and standards crafted, in part, by the government.”
Zack Colman also writes for The Hill on the cyber EO.
***
Jack Goldsmith had another interesting blog post for Lawfare considering the recent news of that upcoming NIE which will mostly name/shame China. What does Mr. Goldsmith think about that?
Wow, that will have the Chinese quaking in their boots. In reality, if the Chinese gains from cyberespionage are as great as the USG proclaims, these planned USG responses are an easy cost for the Chinese to absorb. The problem, of course, is that we have few other options . . . in truth we have little leverage beyond the weak steps being considered.
I agree that the Chinese will scoff at all of this, but I disagree that we’re all out of options. So let’s get their attention. I believe that Mr. Goldsmith should turn to his Lawfare compatriot Benjamin Wittes’ thoughts on this. Let’s start poking holes in the Great Firewall of China or publishing personal information of the hackers working our US companies over 9-5 Beijing time. To me, that sounds like just the type of activity that would fall below the use of force threshold while really annoying the Chinese. We could even justify it as bringing freedom to the repressed masses. We also have to consider authorizing the US private sector to defend itself, under tight regulation of course.
The Wall Street Journal’s L. Gordon Crovitz with a similar discussion on cyber Barbary pirates.
***
Jeffrey Carr writes for his Digital Dao blog with some personal reflections on this past weekend’s Suits & Spooks event. I had the pleasure of attending, and it was indeed a worthwhile event.
***
On the lighter side, the Associated Press (via the Boston Herald) reports that hackers “broke into the Emergency Alert System” of a Montana news station and began broadcasting news that zombies had risen from the grave and were attacking the living.
***
Stewart Baker put up a new blog post for his Skating on Stilts blog. The post considered the WashPo’s recent report on that upcoming NIE and questioned the utility of building 13 foot walls to stop 12 foot ladders when a 14 foot ladder is on the way. Interestingly, Baker explored how this little back in forth between nation-states (the creation of new code and the resulting defensive effort) really harms the private sector. If a 12 foot ladder can’t top a 13 foot USG wall, then look to the 10 foot private sector wall.
Ladders, ladders everywhere.
***
Interesting blurb on a new Pew survey, via the Daily Beast’s David Frum:
Of the 11 issues tested, including three that were asked of the experts but not of the general public – China’s intellectual property infringement, territorial disputes over the South China Sea, and China’s exchange rate policy – only cyber attacks from China are considered a very serious problem by at least half across all five groups. Retired military officers are especially concerned about this, with nearly nine-in-ten saying it is a very serious problem. Majorities of retired military officers and business and trade leaders and half of government officials also see China’s intellectual property infringement as a major problem for the U.S.; about four-in-ten scholars and members of the news media express similar concern.
I’m concerned that they’re not concerned.
***
Foreign Policy’s Richard Andres writes on cyber-gang warfare and nation-states’ use of cyber-militias. Plausible deniability ain’t so plausible.
***
The AP, via Politico, with some stuff you surely already know: Rep. Mike Rogers said the U.S. is vulnerable to cyberattack.
***
NPR’s Tom Gjelten had an oft-retweeted article considering DoD’s offensive cyberoperations and the (unnecessary?) secrecy behind them.
Leave a Reply