[160974] in North American Network Operators' Group
Re: NYT covers China cyberthreat
daemon@ATHENA.MIT.EDU (Steven Bellovin)
Wed Feb 20 21:08:20 2013
From: Steven Bellovin <smb@cs.columbia.edu>
In-Reply-To: <8031.1361385233@turing-police.cc.vt.edu>
Date: Wed, 20 Feb 2013 21:07:07 -0500
To: valdis.kletnieks@vt.edu
Cc: North American Network Operators' Group <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Feb 20, 2013, at 1:33 PM, valdis.kletnieks@vt.edu wrote:
> On Wed, 20 Feb 2013 15:39:42 +0900, Randy Bush said:
>> boys and girls, all the cyber-capable countries are cyber-culpable. =
you
>> can bet that they are all snooping and attacking eachother, the =
united
>> states no less than the rest. news at eleven.
>=20
> The scary part is that so many things got hacked by a bunch of people
> who made the totally noob mistake of launching all their attacks from
> the same place....
This strongly suggests that it's not their A-team, for whatever value of
"their" you prefer. (My favorite mistake was some of them updating =
their
Facebook pages when their work took them outside the Great Firewall.) =
They
just don't show much in the way of good operational security.
Aside: A few years ago, a non-US friend of mine mentioned a conversation
he'd had with a cyber guy from his own country's military. According to
this guy, about 130 countries had active military cyberwarfare units. I
don't suppose that the likes of Ruritania has one, but I think it's a =
safe
assumption that more or less every first and second world country, and =
not
a few third world ones are in the list.
The claim here is not not that China is engaging in cyberespionage. =
That
would go under the heading of "I'm shocked, shocked to find that there's
spying going on here." Rather, the issue that's being raised is the =
target:
commercial firms, rather than the usual military and government secrets.
That is what the US is saying goes beyond the usual rules of the game. =
In
fact, the US has blamed not just China but also Russia, France, and =
Israel
(see http://www.israelnationalnews.com/News/News.aspx/165108 -- and note
that that's an Israeli news site) for such activities. France was =
notorious
for that in the 1990s; there were many press reports of bugged first =
class
seats on Air France, for example.
The term for what's going on is "cyberexploitation", as opposed to =
"cyberwar".
The US has never come out against it in principle, though it never likes =
it
when aimed at the US. (Every other nation feels the same way about its
companies and networks, of course.) For a good analysis of the legal =
aspects,
see =
http://www.lawfareblog.com/2011/08/what-is-the-government%E2%80%99s-strate=
gy-for-the-cyber-exploitation-threat/
--Steve Bellovin, https://www.cs.columbia.edu/~smb
