Archive for the ‘Military’ category

Insecure

April 18, 2009

The press is filled with stories these days of computer intrusions and illegal electronic snooping.  Over the past couple of months we’ve had stories of a major network of computers accessing other computers around the world, including those of the Dalai Lama, stealing files and even remotely turning on webcams and microphones to see and hear what is going on.  We’ve had reports of probes of computer systems in the offices of members of the US Congress.  Within the last week or so we’ve had stories of successful efforts to access computer networks that control the US power distribution grid, with the intruders leaving behind software that could be activated in the future for nefarious purposes.  And virtually every friend of mine in the US government has tales of their agencies, including in some cases their own e-mail accounts, being probed or attacked by outside computers.  Recently I heard that a China expert at a think tank in DC has concluded that his e-mail account too is being targeted.

All of these reports have one thing in common:  China is always cited as possibly the major source for the probes/attacks.

Responsible reporting always emphasizes that it is hard to tell where these attacks originate.  Even if you trace an attack to a server in a particular country it is still possible that someone in another country is routing their attacks through this third country site.  Also, if you confirm an attack really has come from a particular country it is difficult to determine if it is the work of the government, criminal gangs, or individual hackers.

I have no special insight into the extent to which the Chinese government or individuals in China are responsible for the activity we’ve been reading about (though I’d be surprised if at least a sizable part of it does not originate in China), but I do have strong views on how to think about these issues:

­­­­­­­­­­I was US Consul General in Shanghai at the time of the EP-3 incident.  I made it a point to visit area universities in the days and weeks after that collision to meet with students to ensure that this important, intelligent, and emotional segment of Chinese society had access to the US side of the story.  At each session I was treated to a series of comments and ques­tions the main theme of which was that the students were indignant that the US flew spy planes off the coast of China.  This was viewed as an inherently hostile action.  And they often asked, “How would Americans feel if China flew spy planes off the coast of the US?”

I responded by asking rhetorically if they felt that all such activities were bad, or only those directed against China?  I quickly added that I was asking because China itself had spy planes and ships that prowled the coasts of nearby countries collecting intelligence.  It was true that, due to lack of range, these activities did not extend across the Pacific to the coast of the US, but I figured that someday it would.  Further, to my knowledge, most countries in the world conducted ­­­­­­­­similar activities.  The Soviet Union previously and Russia now conduct flights off the coast of the US.  Americans don’t like it, but accept it as normal international behavior.

Returning to the current issue of computer intrusions, I think that if we somehow magically could total up the level of activity by each government in the world in accessing foreign telecommunications and computer systems to gather information, the US would be the clear leader by an order of magnitude (or two or three).  I don’t speak from any inside knowledge of the full scope of US government activities, but just do some Google searching for stories from reputable news sources on this subject, or peruse the books by James Bamford re NSA efforts over the  years.

I am not criticizing the US government for these efforts.  I view it as a regrettable reality that governments need to undertake such activities in the dangerous world in which we live.  Since it is necessary, I am glad the US is a leader in this area (as long as the civil rights of Americans are protected).  But I do want to pose the same questions to Americans indignant about alleged Chinese efforts to enter US computer systems as I did to the Chinese students who were indignant about US spy planes flying off China’s coasts:  Are you opposed to every country in the world undertaking efforts to access foreign telecommunications and computer networks, or just ­­­­those by others against the US?  If the former, I applaud you for your consistent, though unrealistic position.  If the latter, you are a hypocrite.

I also have a few thoughts for the other actors potentially involved in this saga:

To the Chinese government:  if many of these intrusions are the work of Chinese government security agencies I suggest you fire the people involved.  The whole point of such efforts is to do these things without detection.  Otherwise, all you are doing is allowing the other guys to understand your techniques, encouraging them develop countermeasures, and generally making yourself look awful in the eyes of world opinion.

To the Russian, Indian, etc. governments:  If these attacks are coming from you but being routed through China to increase US-China frictions, give the people overseeing this program a raise.  Very creative.

To individual Chinese hackers:  if you are the ones behind these efforts you are accomplishing nothing other than damaging your country’s reputation.  You are unpatriotic slime ­­­­­­­balls and I hope power surges fry all your computers.

Final note:  I see in the press that the ­­­­­­­Administration is nearing completion of a major study on how to better protect critical computer networks in the US.  This is of course the proper focus.  Intrusions on these networks will continue, from friendly and hostile governments, from criminal gangs, and individual hackers.  In this circumstance indignation is inappropriate.  But stepped up protection is not.­­­­­­

Advertisements

Mil to Mil

April 2, 2009

Per mention in a previous post, my piece on “Enhancing a Security Dialogue with China” is now online at the newly revamped site of the National Strategy Forum Review” (Main link for current issue:  http://www.nationalstrategy.com/Programs/NationalStrategyForumReview/SpringSummer2009NSFROnlineJournal/tabid/188/Default.aspx

Here’s the direct link to my article:  http://www.nationalstrategy.com/Programs/NationalStrategyForumReview/SpringSummer2009NSFROnlineJournal/RegionsataGlanceHenryLevine/tabid/196/Default.aspx

In the article I try to emphasize the disconnect between the Chinese military (still relatively closed to contacts from the outside) and the rest of the Chinese government (increasingly actively engaged in international activities) and the policy implications that flow from that.

Enjoy