US & China Are Escalating Their Cyber War

Uploaded on 2015-09-08 in INTELLIGENCE-Hot Spots-China, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE--USA, NEWS-Cybersecurity News

defense-large.jpg

Threet & Response: A Snapshoy of the Cyberwar.

"Admiral, is China an adversary?" On July 30, U.S. Republican Senator Tom Cotton asked that question to Adm. John Richardson, who is President Barack Obama's nominee to be the next chief of naval operations. 
Heretofore, the most common answer in official Washington to that question has been to describe China as a competitor, not an adversary. Richardson avoided a straight answer; he said China was "a complex nation," doing some things that possessed an "adversarial nature." But by declining to give the standard response, Richardson may have signaled a transition in official thinking to the view that China is in fact an adversary.
The Obama administration now faces a critical decision on two flashpoints created by Chinese aggression. The first is how the United States government will respond to the cyber intrusion into the Office of Personnel Management (OPM) database, an attack that resulted in the theft of over 20 million government personnel records. The administration has reached a series of conclusions regarding the OPM hack that represents a significant departure from past practices. 
In the wake of the OPM data breach, establishing cyber deterrence with China will require inflicting punishment on their decision-makers in a way that harms their interests (in order to demonstrate that it is possible to do so), and promising more to come if these decision-makers don't change their behavior. And that will likely require much sterner measures than the diplomatic protests and Justice Department indictments that have thus far had no discernible effect. Critics of retaliation will protest that a response will only result in an escalating cyber war between the two countries, with the United States more exposed to the damage that would bring. 
The second flashpoint is of course Chinese activities in the South China Sea. According to a recent article in Politico, a civil-military dispute is now simmering between Navy officers and officials at US Pacific Command (PACOM) and advisers at the White House. Military officials want a clear demonstration of freedom of navigation near China's outposts in the Spratly Island chain but are meeting resistance from White House advisers, who are seemingly reluctant to create a flare-up in the region, especially in advance of Chinese President Xi Jinping's visit to the United States in September.
US officials refuse to say whether US warships or aircraft have sailed or flown within 12 nautical miles of any of the seven Chinese artificial islands in the Spratlys. According to the United Nations Convention on the Law of the Sea (UNCLOS) (which China has ratified and the United States has not), artificial structures built on submerged features, which describes at least six of China's seven outposts, do not possess the 12 nautical mile territorial right. Querulous Navy and PACOM officials are concerned that a failure to defend the law with a visible demonstration will result in the gradual acceptance of China's territorial claims in the sea.
This is not a new issue but recent events have stepped up the urgency of a response. Having largely completed its dredging and land reclamation at its seven sites in the Spratlys, the next phase for China will be further structural improvements such as more offices, barracks, piers, warehouses, aircraft hangers, and military equipment. 
The United States and its partners will undoubtedly have to reckon some day with Chinese missiles in the Spratlys. But establishing the initial legal precedent of freedom of navigation by sailing and flying within 12 nautical miles of China's sand piles will be an easier decision before those missile are installed.
The upcoming summit between Obama and Xi may be the last chance to prevent China's slide from competitor to adversary. That chance is slim. China seems committed to both its cyber espionage program and its territorial expansion in East Asia on its "blue soil." We can now see in retrospect that America's long-standing, bipartisan policy of forbearance toward China has accelerated the slide and therefore should be seen as totally discredited.
Judging by media reporting, the Obama administration seems to have endorsed the principle of deterrence, enforced through punishment, to protect US interests in cyberspace. What remains unknown is how much punishment, and in what forms, the United States will have to deliver in order to establish deterrence. 
Chinese leaders are likely to presume they possess significant comparative advantages in the cyber domain, which means that retaliation and escalating cyber duels are possible. Applying deterrence theory to the cyber domain presents far more questions than answers. This does not mean that deterrence is not the right approach for the US government to take. But once on this course we should expect some surprising departures from past experiences. Finally, we should not be surprised if "cyber non-combatants" suffer some collateral damage once hostile network packets start flying in all directions.
As with the looming cyber war, such a US demonstration in the South China Sea would be merely the next move in an open-ended game. What will follow are deeper examinations about whether the United States and its partners in the region are prepared to compete in the game, and how policymakers and military leaders on all sides expect to either control escalation or attempt to use escalation to their advantage. A question no one will be asking at that point is whether China is an adversary.
Ein News:  http://bit.ly/1hPOcNG

 

« Cognitive Computing: What Can and Can’t Be Done.
Hit List: ISIS 'hacking division' Releases Details of 1,400 Military & Government Personnel. »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Apicrypt

Apicrypt

Apicrypt enables secure communications between health professionals by using strong encryption technologies.

X-act Forensics

X-act Forensics

X-act forensics are computer forensic experts with experience in cases of computer fraud, intellectual property theft, and social networking cases.

Cyphercor

Cyphercor

Cyphercor is a leading smartphone and desktop-based two-factor authentication (2FA) provider.

Spanish Network of Excellence on Cybersecurity Research (RENIC)

Spanish Network of Excellence on Cybersecurity Research (RENIC)

RENIC is a membership based sectoral association that includes research centers and other agents of the research cybersecurity ecosystem in Spain.

NetApp Excellerator

NetApp Excellerator

NetApp Excellerator is NetApp’s global start-up program that aims to fuel innovation by partnering with deep-tech start-ups.

Data Storage Corp (DSC)

Data Storage Corp (DSC)

Data Storage Corporation is a provider of data recovery and business continuity services that help organizations protect their data, minimize downtime and recover and restore data.

Qrypt

Qrypt

Qrypt has developed the only cryptographic solution capable of securing information indefinitely with mathematical proof as evidence.

Tech Vedika

Tech Vedika

Tech Vedika has access to technical guidance, training and resources from AWS to successfully undertake solution architecture, application development, application migration, and managed services.

Centre for Cyber Security Research & Innovation

Centre for Cyber Security Research & Innovation

The Centre for Cyber Security Research & Innovation is Nepal's First Academic Research Institute to focus on understanding the overall Information Security of Nepalese Organizations.

Mindflow

Mindflow

Mindflow is dedicated to bringing answers to the challenges the cybersecurity field and beyond face today.

Fairly AI

Fairly AI

Fairly AI is on a mission to democratize safe, secure, and compliant AI across the enterprise.

NVISO Security

NVISO Security

NVISO is a pure-play cyber security consulting firm, focused mainly on the Financial Sector, the Technology Sector, and Government & Critical Infrastructure.

Nagomi Security

Nagomi Security

Nagomi is changing the way security teams balance risk and defense, empowering customers to focus on what matters now.

Lightpath

Lightpath

Lightpath is revolutionizing how organizations connect to their digital destinations by combining our next-generation network with our next-generation customer service.

Amtivo Ireland

Amtivo Ireland

Amtivo Ireland (formerly Certification Europe and EQA) offers a range of certifications and related services.

Andesite

Andesite

Andesite is delivering sustained advantage to cyber defense teams through technology and community.