11 July 2015

Simply Shocked in Cyberspace

by Michael G. Roskin

Why doesn't Washington blow its collective stack at Chinese hack attacks? Because we do it too and want to hold down chatter about it so that we can keep doing it. Washington's tardy and mild reaction: "Hacking in cyberspace? We are shocked, simply shocked!" 

Almost comic is the way every form of contestation, war, crime and espionage is instantly modernized with the prefix "cyber" (e.g., cyber-reconnaissance - sneaking into the other guys' computers to see what they've got). 

A little calm is needed in thinking about cybersecurity. First, everyone hacks everyone else, and everyone denies it. China steals much U.S. technology, but imitation may not lead to innovation. If the technology is too advanced for China's skill levels and economy, the stolen secrets are unusable. And, since technology changes so fast, Chinese copycats may go down wrong paths developing yesterday's technology. 

Denouncing Chinese cyberpenetration begs the question of what we do. It is surely plenty, but we want to keep it very close-hold and preserve the present, relatively open networks because they suit us. That may explain federal reluctance to institute a nationwide cybersecurity regime, leaving credit-card companies and corporations to develop their own systems.

China's cyberthefts open opportunities for U.S. deceivers to insert spyware, malware or deceptive technology into Chinese computers. Worms travel in two directions, and Chinese penetration of our networks may open their backdoor to reverse penetration, something we wouldn't want to blab about. Increasingly, hackers get hacked. Good.

The Chinese see "network warfare" as a way to paralyze the enemy, an important strategy assigned to the Third Department of the People's Liberation Army (3/PLA), which does signals intelligence ("sigint"). With computers controlling our energy, communication and transportation networks, an attack on U.S. servers could disrupt. 

But would a cyberattack stay in cyberspace or automatically and quickly escalate to "kinetic" (things that go boom) warfare? In this regard, cyberwar parallels nuclear war, which will not stop after just one nuke. Implicit is the warning: "You harm my networks, and I'll fry yours!" Accordingly, cyberwar may be constrained by the fear-fed deterrence that blocked nuclear war.

All cyberpowers keep their capabilities secret and in reserve because using them too early would alert the target to take defensive steps. Powers generally flaunt their conventional weaponry - they invite foreign military attach├ęs to their parades - to impress allies and dissuade adversaries. But with cyberweapons, they don't want the other guy to know what they've got, aside from vague hints that, if attacked, they could retaliate. In this respect, the U.S.-Israel Stuxnet worm that damaged Iranian uranium centrifuges could have been a worm too soon. (Iran retaliated against U.S. banks.) "Keep 'em guessing" is the watchword of the cyberage. 

One scenario for a cyberwar could resemble two scorpions poised to strike each other, but they don't. They might have two fears: (1) that the other side has more destructive and clever cyberpenetration techniques, and (2) that cyberattacks might escalate to kinetic warfare. Cyberwar could turn into a big Mexican standoff (add that to Donald Trump's list).

Can encryption ensure cybersecurity? Not all users are willing or can afford to encrypt, which adds another layer or two to communication networks. Most codes can be cracked. Strongly encrypted networks might flag themselves to be knocked out early because they are obviously important. A basic problem is that the more people linked in a network, the more vulnerable it is to hacking. A network to guard against terrorist attacks, for example, would have to link Homeland Security, the National Security Agency, FBI, CIA, DoD and your state and local police. Could such a network long remain secure? There is a tradeoff between secure and usable.

The really big cybersecurity question may not be paralyzing attacks but information and ideas in the public arena that get people thinking. Beijing is well aware of this and, as part of its cyberwar capacity against "foreign hostile forces," employs many "cyber militia" units, especially to guard against foreign media penetration, a strategic threat. 

I'll never forget a few years ago, when I was lecturing at a Chinese university, a drunken young driver ran over two women students at another campus; one died. When police approached, he shouted, "My father is Li Gang!" a local deputy police chief, a warning that he could not be arrested. 

Chinese media blotted out all mention of the incident. Misuse of power is frequent in China but embarrassing to the regime. Chinese students are highly connected by social media and soon the tweet "My father is Li Gang!" blanketed China. Students used the phrase to snicker at corrupt authority.

I asked my host what that phrase meant (I already knew), and he nearly lost control of his car. "Where did you hear that?" he asked amazed. I told him that I read it in the New Yo Simply Shocked in Cyberspacerk Times on a laptop that morning in my hotel room. The NYT Beijing bureau had written a story from the tweets and sent it to New York, which posted it worldwide - from one side of the earth to the other and back again, in seconds. 

Beijing strives to keep ugly incidents out of the news, but that's hard if a few hundred million have handheld social-media devices. The NYT's new Chinese-language edition was blocked in China after it revealed the net worth of the prime minster's family (staggering). The NYT practices several and ever-changing work-arounds which allow it to get through.

At this point, could China go offline, shut down its networks, and let fear of cyberdisruption trump the marvels of cyberutility? If it tried, hundreds of millions of citizens would protest and know that the regime is running scared. If it screens everything, as China attempts with tens of thousands of censors, millions are proud to leap over the Great Firewall with freeware from friends. And that, I think, is why we do not try to seriously control cyberspace, because ultimately its openness works for us.

No comments: