Chinese hacking continues to build anger in American business and government circles. As a result, private companies may be encouraged to do more than passively defend their networks as evidenced by the recent report of a commission headed by two Obama appointees, former US Ambassador to China (and minor GOP Presidential candidate) Jon Huntsman and… Continue Reading
Category Archives: International
Subscribe to International RSS FeedLessons From the New York ATM Heist
Posted in Cybersecurity and Cyberwar, Data Breach, International, Security Programs & PoliciesThe announcement yesterday of charges in New York against eight members of a cybercrime ring that stole $40 million from ATMs in 24 countries, all within 10 hours, is the latest in a series of episodes that illustrate the constant threat of cyber attacks against our corporate networks. This case should be a wake-up call… Continue Reading
The Question of ‘International Law of Cyberwar’
Posted in Cybersecurity and Cyberwar, International, Security Programs & PoliciesWill international law and diplomacy limit cyberwar? Those who believe in international “norms” for cyberwar usually argue that cyberattacks on financial institutions are beyond the pale. For example, Harold Koh has declared the State Department’s view that cyberwarriors “must distinguish military objectives … from civilian objects, which under international law are generally protected from attack.”… Continue Reading
Hacking Hollywood
Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & PoliciesThat might sound like breaking news from 1983, but this time we’re not talking movie plots, we’re talking business. Specifically how Chinese cyberespionage could affect Hollywood’s bottom line. The Hollywood Reporter asked me to talk about that impact in a guest column, out this week. Here’s some of what I said: Hollywood might be blinded… Continue Reading
The Hackback Debate Revisited
Posted in Cybersecurity and Cyberwar, Data Breach, International, Privacy Regulation, Security Programs & PoliciesLast fall, Orin Kerr and I engaged in an online debate over the Computer Fraud and Abuse Act — specifically whether it is lawful for the victim of computer crime to follow his stolen data into networks controlled by the thief. The debate spread across several posts and into the comments, but it’s been pulled… Continue Reading
Found: The PLA’s University of Hacking
Posted in China, Cybersecurity and Cyberwar, International, Security Programs & PoliciesBloomberg Businessweek has a remarkable story about the identification of another Chinese hacker. It’s a long, tangled, and fascinating tale of good sleuthing by several researchers, but the trail ends with Zhang Changhe, a digital entrepreneur and teacher — at a People’s Liberation Army school that is suspected of training PLA hackers. In the denouement,… Continue Reading
Up the Ladder We Go
Posted in China, Cybersecurity and Cyberwar, International, Security Programs & PoliciesOnce again, Ellen Nakashima of The Washington Post has broken a cybersecurity story: A new intelligence assessment has concluded that the United States is the target of a massive, sustained cyber-espionage campaign that is threatening the country’s economic competitiveness, according to individuals familiar with the report. The National Intelligence Estimate identifies China as the country… Continue Reading
They Really Don’t Know Clouds At All
Posted in International, Privacy Regulation, Security Programs & PoliciesEvery new computing technology seems to bring with it a privacy flap. Right now, cloud computing is going through that phase, at least outside the US. Canadian and European elites fear that putting data in the cloud will somehow let the US government paw through it at will, a fear that usually centers on Section… Continue Reading
Prosecuting Cyberespionage – Justice’s New Strategy
Posted in Cybersecurity and Cyberwar, International, Security Programs & PoliciesThe National Security Division of the Justice Department may be getting on the cyberspace attribution/retribution bandwagon — and in the process, reshaping US strategy for deterring cyberespionage. First, they are creating a new liaison position in US Attorney offices across the country — the National Security Cybersecurity Specialist, or NSCS (rhymes with “discus meniscus” for you… Continue Reading
US Head of Delegation at WCIT Badmouths Deep Packet Inspection
Posted in International, Privacy RegulationIt’s been a contentious meeting in Dubai at the World Conference on International Telecommunications (WCIT), where the United States and its allies have been trying to fend off efforts by Russia, China, and others to expand the writ of the International Telecommunications Union to cover the Internet. Besides that fundamental dispute, there have been some… Continue Reading
Finding Cyberspies
Posted in China, Cybersecurity and Cyberwar, International, Security Programs & PoliciesFor a while now I believe that attribution of hacker attacks has been rapidly improving. Well now we have confirmation from a Ken Dilanian scoop in the LA Times. Dilanian reports that “the U.S. intelligence community is nearing completion of its first detailed review of cyber-spying against American targets from abroad, including an attempt to calculate U.S. financial losses from… Continue Reading
Why Do the Feds Care About Officials’ Private Emails?
Posted in China, Cybersecurity and Cyberwar, International, Security Programs & PoliciesFor those who have wondered why the feds cared about what former CIA Director David Petraeus was doing on his private email account, recent reports on hacks into the personal computers of former Chairman of the Joint Chiefs of Staff Mike Mullen provide at least a clue. Mullen’s personal computers, which he used while working… Continue Reading
More on Cybersecurity and Attribution: Si Chuan University and Tencent
Posted in China, Cybersecurity and Cyberwar, International, Security Programs & PoliciesPreviously, I told the story of how Trend Micro identified “Luckycat,” a Chinese hacker who had attacked the Dalai Lama, aerospace firms, and other targets. Based on what we know so far, the likely hacker is Gu Kaiyuan, formerly a student at Si Chuan University’s Information Security Institute and currently employed by the large Chinese instant… Continue Reading
The Importance of Cybersecurity
Posted in China, Cybersecurity and Cyberwar, InternationalFor those who think I’m a little paranoid on the subject of cybersecurity, I share this story – a nightmare made in China for a small US businessman. Brian Milburn’s parental control software was pirated and used in a China’s infamous Green Dam software. When he sued, hackers tied to the Chinese government attacked his networks… Continue Reading
Europe’s ‘Right to be Forgotten’ Privacy Protection Moving to the US?
Posted in Data Breach, International, Privacy RegulationIn his recent post, Eugene Volokh of the Volokh Conspiracy recently discussed whether it can ever be libelous to say, accurately, that someone has been arrested after the arrest has been expunged. The New Jersey Supreme Court rightly described the idea as Orwellian and rejected it. However, in Europe a version of this rule is… Continue Reading
China Could Have “Pervasive Access” to 80% of Global Communications Through Huawei and ZTE
Posted in China, International, Security Programs & PoliciesThis is the claim of former Pentagon analyst F. Michael Maloof that stories and podcasts are repeating but provide much new supporting evidence. Maloof’s own report is interesting and extensive, and it does indeed make the claim I’ve headlined: The Chinese government has “pervasive access” to some 80 percent of the world’s communications, giving it the ability to… Continue Reading
More Trouble for ZTE
Posted in China, International, Privacy RegulationZTE, the huge Chinese telecom equipment manufacturer, has found themselves in a kind of perfect storm. A storm largely of their own making. First, ZTE and its larger Chinese rival, Huawei, have been the subjects of great national security concern for years. As I discussed last month the US intelligence community is worried that, if allowed to install equipment… Continue Reading
China-US “Proxy” Cyberwar Negotiations?
Posted in China, Cybersecurity and Cyberwar, InternationalOver the past three years think tanks in China and in the US have been conducting what could be called “proxy” negotiations on cyberwar and cyberespionage. The China Institutes of Contemporary International Relations and the US Center for Strategic and International Studies are establishment institutions, with just enough independence from their governments to make the talks… Continue Reading
Chinese Telecoms Investigation
Posted in China, Cybersecurity and Cyberwar, International, Security Programs & PoliciesOn June 13, Stewart Baker commented on the House Intelligence Committee’s investigation of two Chinese telecom firms. Today, Stewart was quoted by Eliza Krigman on the fine balance between security and economic concerns that this investigation brings to light.
Chinese Telecom Firms Investigated by House Intelligence Committee
Posted in China, Cybersecurity and Cyberwar, International, Security Programs & PoliciesThe House Intelligence Committee is conducting a remarkably detailed and bipartisan investigation (subscription required) of ties between two Chinese telecom equipment giants, Huawei and ZTE, and the Chinese government. Widespread security fears have been targeted at these companies over concerns that their equipment would enable Chinese interception of US telephone calls, expanding American cybervulnerabilities from computer networks… Continue Reading
New Intellectual Property Regime for the EU?
Posted in InternationalThe EU competition bureau’s recent threat to punish Google because of “the way Google copies content from competing vertical search services and uses it in its own offerings” struck me. (Vertical search services are specialized search engines like Yelp and Kayak that help people find local restaurants or cheap flights and rental cars.) The EU’s vice president… Continue Reading
Cyberwar Law: Rounds Two, and Three, and Four
Posted in Cybersecurity and Cyberwar, International, Security Programs & PoliciesEarlier, I wrote an article for Foreign Policy about the foolishness of letting lawyers determine our cyberwar strategy. The ABA Journal has posted an extensive, no-holds-barred debate over the views expressed in that article. Gen. Charles Dunlap, a former deputy judge advocate general of the US Air Force, contradicts my article with passion, after which I… Continue Reading
Can Chinese Hackers Self-Police?
Posted in China, Cybersecurity and Cyberwar, InternationalChinese hackers call for “self-discipline” and an end to commercially motivated cybercrime. The Wall St. Journal (subscription required) suggests it’s because former hackers have grown up and become security professionals. But does it occur to anyone that the Chinese government might be worried about the rising tide of complaints about Chinese hacking, particularly cyber espionage against the… Continue Reading
Cyberhacking is the New Spying
Posted in China, Cybersecurity and Cyberwar, International, Security Programs & PoliciesGeneral Keith Alexander, the head of US Cyber Command and the National Security Agency, testified to Congress yesterday that China continues to hack into “defense industrial base companies” and steal military technology (see Don Reisinger‘s latest blog post). And he confirmed what was widely believed already—that China was responsible for the hacks on RSA last… Continue Reading