Speaking of distressing articles, this one at the Washington Post, a continuation of the story on state-sponsored Chinese hacking, is extremely disturbing. The one sentence summary is that everything in Washington that’s worth hacking has already been compromised:
“The dark secret is there is no such thing as a secure unclassified network,” said James A. Lewis, a cybersecurity expert at the Center for Strategic and International Studies, which has been hacked in the past. “Law firms, think tanks, newspapers — if there’s something of interest, you should assume you’ve been penetrated.”
The rising wave of cyber-espionage has produced diplomatic backlash and talk of action against the Chinese, who have steadfastly denied involvement in hacking campaigns. A strategy paper released by the Obama administration Wednesday outlined new efforts to fight the theft of trade secrets.
Cyberspying against what could be called the “information industry” differs from hacks against traditional economic targets such as Lockheed Martin, Coca-Cola and Apple, whose computer systems contain valuable intellectual property that could assist Chinese industrial or military capabilities.
Instead, journalists, lawyers and human rights workers often have access to political actors whose communications could offer insight to Chinese intelligence services eager to understand how Washington works. Hackers often are searching for the unseen forces that might explain how the administration approaches an issue, experts say, with many Chinese officials presuming that reports by think tanks or news organizations are secretly the work of government officials — much as they would be in Beijing.
If you don’t like my “Chinese takeaway” suggestion for retaliation, here’s another one. Cut China off from the Internet. It can be done. There are only a handful of Tier 1 providers. It would take some effort and some vigilance but it can be done. And probably a lot more cheaply than hardening networks enough to withstand systematic, industrial-scale attacks of the sort that are underway. And the other countries we’d need cooperation from have been victims of state-sponsored Chinese hacking, too.