10 September 2016

The Global Threat That Went Undiscussed at the G20 Summit

By Dennis Blair Read bio 
September 7, 2016 

Our fight against cyber crime must grow beyond passive defense and unenforceable indictments — but it won't if leaders don't even talk about it. 

As China’s President Xi Jinping welcomed world leaders to this week’s G20 Summit in Hangzhou, he and his nation celebrated hosting this prestigious event for the first time and welcoming leaders from the top developed countries of the world. The G20 Summit, set up during the global financial crisis of 2008, attempts to strengthen international economic cooperation among all nations. This year’s G20 agenda focused on global economics, free trade, innovation, structural reforms and international anti-corruption — traditional topics that led leaders to stake expected positions and make bland commitments for cooperation.

What was not officially discussed but should have been front and center throughout the summit was the increasingly dangerous threats against every nation in the civilized world posed by cyber crime and cyber warfare. The issue with potentially the most damage to the globe was barely discussed, aside from an unscheduled meeting between Presidents Barack Obama and Vladimir Putin, of Russia, where cyber capacities were briefly mentioned.

Every day brings news of a new cyber attack against America by a hostile country or organization. Last month’s reports about the Shadow Brokers hack against the NSA continues an unfortunate pattern of cyber attacks against our homeland including: 

Chinese government hackers stealing intellectual property from American companies. Xi declared last year that it would stop, and there have been several rounds of official talks between the United States and China, but Director of National Intelligence James Clapper has not yet given China a clean bill of cyber health. 

Iranian Islamic Revolutionary Guard hackers infiltrating the computer controls of a small dam north of New York City and attempting denial of service attacks on the New York Stock Exchange and AT&T. 

Russian government-backed hackers attacked the computer systems of the Democratic National Committee, and used the results in a crude attempt to influence American politics. One of the same groups later attacked computer networks at several Washington think tanks. 

It seems that America’s enemies, including some coming from countries attending the G20, are successfully attacking the systems we depend on for our prosperity and safety, including private companies, basic infrastructure, financial systems, and our elections.

In the U.S., the losses and damage inflicted by these and other attacks have been relatively minor. But the potential for much greater damage looms. It seems that no system is safe, few organizations are doing a good job of protecting themselves, and the attacks are more brazen and more frequent.

There are three basic ways to respond: protect our networks; identify and prosecute hackers; and retaliate against the hacking organizations to punish the guilty and deter the rest. 

Better protection for networks is the responsibility of all individuals and organizations. All companies and organizations must invest in software and training to keep their communications and databases safe. A strong incentive for corporate and government improvement is that data breaches have led to executives being held accountable: the CEO of Target, a top Sony executive and the director of the federal government’s Office of Personnel Management, or OPM resigned, as did the top leadership of the Democratic National Committee.

Prosecution of individual hackers and retaliation against sponsoring government organizations are the other two means to defend networks. The Justice Department has indicted or sanctioned five Chinese military officers, seven Iranian Revolutionary Guard officers and ten North Korean officials for hacking. It is highly doubtful that these indictments have had any deterrent effect on the hundreds of other government hackers from these and other countries. Last month’s announcement of a new “Presidential Policy Directive on United States Cyber Incident Coordination” (PPD-41) was long on coordination and short on action. In addition, it did not address international cooperation. Japan, the world’s third largest economy, is the second biggest target for international cyber attacks after the U.S. Tokyo has begun organizing its defenses and is eager to cooperate with the U.S. Close collaboration with Japanese international companies and the Japanese government in training the cybersecurity workforce, and enhancing network protection, hacker prosecution, and retaliation will benefit both countries. Our other G20 partners should foster similar greater collaborative efforts on cyber security.

Retaliation can be effective although difficult since it raises a range of issues that require careful consideration: Will it lead to escalation? Will it affect other aspects of American relationships? Will there be collateral damage?

We must move from passive defense and unenforceable indictments against small fry to effective sanctions and counterattacks that bite against the hostile foreign companies and governments attacking us. At the G20, as Presidents Obama, Xi and Putin, Prime Minister Abe, and other leaders were talking about the global economy, they should also have addressed cybersecurity issues that pose such large and growing economic and strategic threats.

No comments: