USA Bulks Up Cyber-Defense

[Hum]

WASHINGTON ?- Obama administration officials said Tuesday they have "serious concern" with China's alleged cyber-snooping and are raising the issue "at the highest levels" in Beijing, on the heels of a report that claimed China's People's Liberation Army had stolen data from 115 U.S. companies over a seven-year period.

U.S. officials would not comment directly on the report. But they said the U.S. is bulking up its cyber-defenses while stressing a new -- albeit controversial -- White House executive order aimed at helping protect computer networks of crucial American industries from cyber attacks.

State Department spokeswoman Victoria Nuland stopped short of saying whether the U.S. was in a cyber-war with China.

But she and White House Press Secretary Jay Carney said U.S. officials have started a dialogue with the "highest levels" of the Chinese government, including with "officials in the military."

"It is a major challenge for us in the national security arena," Carney said, adding that it is known that foreign countries and companies "swipe" sensitive U.S. information.

Pentagon spokesman George Little also said the U.S. is a "victim of cyber-attacks from various places around the world," and continues "to shore up our cyber defense which this department is doing."

Stolen information includes details on the proprietary process in some companies, blueprints and contact lists, according to the report.

The threat from China and other countries has already been setting off alarm bells in Washington.

During his State of the Union address on Feb. 12, President Obama acknowledged America's growing threat from cyber-attacks without mentioning China by name.

Obama signed an executive order aimed at helping protect computer networks of crucial American industries from cyber attacks. His order calls for the development of voluntary standards to protect the computer systems that run critical sectors of the economy -- such as transportation and banking industries.

more

[Growled Member]

State Department spokeswoman Victoria Nuland stopped short of saying whether the U.S. was in a cyber-war with China.

Of course it's cyber war. It's been war for years. All sides do it looking for an advantage.

[+Gary7 Subscriber²]

It is about freaking time.

[Hum]

Amazing that hackers can ring our alarm bells.

[ANON86364]

It's been a joke to me that the US federal government, which was created to protect the homeland, has let this carry on as if it's somehow different than the Chinese coming on our shores and stealing US assets. For years this has been going on and if we know about it, surely the government has and done nothing. This is a failure in national defense and because the majority of people don't understand it, the government won't be held accountable.

[FloatingFatMan]

^ UUuh, yeah, right... They've done absolutely nothing.

*cough*Stuxnet*cough*cough*

[Torolol]

^ but that the "offense" doing or some politcal correct would say "pre-emptive" one,

but its not the "defense" or "preventive" one.

[aberg]

Reminds me of Threat Vector by Tom Clancy.

quote:

Chinese cyberwarfare experts have launched a devastating attack on American infrastructure. It's a new combat arena, but it?s every bit as deadly as any that has gone before.

[ANON86364]

^ UUuh, yeah, right... They've done absolutely nothing.

*cough*Stuxnet*cough*cough*

Stuxnet is not relatable at all. I am talking about defenses or at least an interest in backing up our homeland against outright attacks. To me, it's no different and no less dangerous for foreign parties to be attacking our nation "or her interests". The private sector should be an interest that our government should protect no less than any "tangible" property.

[ShareShiz]

This is just another way for the US government to say "We are the worlds police. It's time to censor the internet"

Why should it be the governments responsibility when it should be the companies getting hacked's fault

[ANON86364]

This is just another way for the US government to say "We are the worlds police. It's time to censor the internet"

Why should it be the governments responsibility when it should be the companies getting hacked's fault

And this is the question that will require debate and care when legislating. The reality is, corporate espionage in the classical sense is serious and somehow the intangibility of information has deemed it less so. I would at least except the same consequences across the board.

I'm not even saying that the US government should be more of a "world police" but that each country should be protecting their interests as seriously as they do physical property, hell, the likes of the RIAA/MPAA sure do. The country's economy is just as valuable as anything.

[theyarecomingforyou]

It's been a joke to me that the US federal government, which was created to protect the homeland, has let this carry on as if it's somehow different than the Chinese coming on our shores and stealing US assets. For years this has been going on and if we know about it, surely the government has and done nothing.

The idea that China is acting unilaterally is laughable. We've already had an admission from the US government that it created Stuxnet and that's just the tip of the iceberg. The US is simply annoyed that China is responding at a similar level but we shouldn't be surprised when even Iran can hack US military drones. As for the idea that the US government has done nothing about it, I simply don't find that at all credible. Has it's handling of the situation been competent? Possibly not but it's certainly not as is the US government has simply sat there doing nothing. Considering that the US has been actively engaging in computer espionage and sabotage I find it very unlikely that it has done nothing to mitigate the risk posed by cyber attacks.

[PGHammer]

This is just another way for the US government to say "We are the worlds police. It's time to censor the internet"

Why should it be the governments responsibility when it should be the companies getting hacked's fault

Please - EVERY nation has critical infrastructure that relies on computers. (It's FAR from unique to the United States.) Nations that wish the target no good will seek ANY advantage they can over that target. (In the case of the United States, there ARE nations that - as a matter of public record - wish us ill. Iran and the Democratic People's Republic of Korea AKA North Korea are simply the obvious examples.) What is critical infrastructure is not ALWAYS owned or operated by the government - in the United States, this is the case MOST of the time. (Most of the electrical grid is not under the control of ANY government - local, state, or national - even in California; how much of the critical interconnects - just in California - are under the direct control of CALPINE or another national-government, state-government, or local-government entity?)

The issue is real - and has been for years. The bigger problem is that solid security - even physical security - is a major expense; the greater the value of what needs protecting, the higher the cost of protecting it gets. When threats - and especially external threats - are NOT that obvious (Stuxnet wasn't obvious at all), there is a decided tendency to stick the head in the sand and ignore it. (Look at Neowin's own Internet/Network/Security forum - do you REALLY think that it's any different outside of it?) Worse, a lot of us here on Neowin are just as mule-headed in terms of far more quantifiable threats - yet we expect our governments NOT to be. (Having worked in the "sausage factory" that is our national government, I know better, and it does NOT make me feel good at all.)