Slashdot Mirror

← Back to Stories (view on slashdot.org)

Retaliatory Cyber Attacks Are Only Way To Stop China, Says Former FBI Director (afr.com)

Posted by ryuzaki0 on from the foreign-affairs dept.

Targeted cyber attacks and a strong deterrence capability are the most effective way of preventing China and other countries continuing to steal Australian commercial secrets, according to a former director of the Federal Bureau of Investigation. From a report: Louis Freeh, who ran the FBI for almost eight years until 2001, said the threat of criminal charges or jail time would do little to prevent state-sponsored hackers from continuing to steal valuable intellectual property. "It's like trying to serve a subpoena on [Osama] Bin Laden -- it's not very effective," Mr Freeh said on the sidelines of a speech in Sydney on Monday night. His comments come as the federal government considers how best to respond to a surge in cyber attacks directed by China's peak security agency over the past year. An investigation by The Australian Financial Review and Nine News confirmed China's Ministry of State Security (MSS), was responsible for the recent wave of attacks on Australian companies. These formed part of what is known in cyber circles as "Operation Cloud Hopper", which was detected by Australia and its partners in the Five Eyes intelligence sharing alliance.

18 of 105 comments (clear)

  1. View on China Needs to Change by sycodon · · Score: 5, Insightful

    China is not really our friend in any sense.

    They steal intellectual property

    They use state subsidies and subpar working conditions to undercut our products

    Their, "students" are usually tools of the Government.

    While it is doubtful the US and China will ever engage in some kind of ground war, it is probably inevitable that some kind of air/sea conflict occurs. Given the tremendous economic entanglements, it will be a very bizarre conflict.

    --
    When Fascism comes to America, it will call itself Anti-Fascism, and tell you to give up your guns.
    1. Re:View on China Needs to Change by Virtucon · · Score: 4, Interesting

      You didn't mention the BGP attacks they've been conducting lately. They're a bad actor in terms of Internet trust and it's time to cut them off.

      --
      Harrison's Postulate - "For every action there is an equal and opposite criticism"
    2. Re:View on China Needs to Change by DNS-and-BIND · · Score: 2

      If this is the case then why did we build China into the behemoth it is today? China used to be a poor, backwards country until our elites decided to let it into the WTO. Afterwards our factories died and our working class fell into poverty as China became a force to be reckoned with.

      --
      Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    3. Re:View on China Needs to Change by Anonymous Coward · · Score: 2, Insightful

      "to undercut our products"

      have you been paying attention to how globalisation works?

      it wasn't China's fault that America outsourced their entire manufacturing base to them.

      it was the fault of greedy corporate CEO's who wanted to maximize profit for shareholder gains (loss of American jobs be damned), plus the mindless consumerist working folk who valued getting a good deal above all else (loss of American jobs be damned).

      so yes, it was all your own fault.

    4. Re:View on China Needs to Change by DNS-and-BIND · · Score: 2

      Uh, did you respond to the wrong comment? China wallowed in poverty for decades before our elites admitted them to the WTO. This was what crushed our working class and enabled China to become wealthy beyond its wildest dreams. Their descent into poverty was not caused by the Japanese (WTF?) nor encouraged by the Americans (double WTF - America was China's staunch ally against the Japanese, something largely forgotten today). This tragedy was caused by Marxism.

      --
      Shutting down free speech with violence isn't fighting fascism. It IS fascism!
    5. Re:View on China Needs to Change by MikeMo · · Score: 2

      In the case of "our elites", it was Bill Clinton that signed the Most Favored Nation pact with China. It's that pact that gave them everything.

    6. Re:View on China Needs to Change by jbengt · · Score: 2

      No, Archtech did not respond to the wrong comment. They just went farther back in history than you were talking about in your comment.

  2. Better Idea by alvinrod · · Score: 4, Insightful

    Instead of starting some kind of cyber war, why not have our guys act as white hats and target Anerican firms and government organizations. Find breaches and alert the concerned parties so they can get filled in.

    It gives our guys practical experience and helps protect American citizens and businesses. It even affords a good job opportunity for the kind of mischievous minds that might otherwise cause some of that trouble.

    1. Re:Better Idea by pr0fessor · · Score: 2

      Using our talent to increase our security sounds a lot better than an ever escalating cyber feud, that will have more impact on our businesses, the people that work there, and the people that depend on services they provide than the governments that started the feud.

       

    2. Re:Better Idea by Voyager529 · · Score: 2

      the US government doesn't have that kind of contralized control and people would never stand for it.

      Hahahahahahahahahahahahahahahahahaha!

      I think what Amimojo was getting at was that there is no American analogue to the Great Firewall of China. Japanese internment camps or Bay of Pigs or Area 51 can be searched without consequence in America; Tienanmen Square in China...less so.

      Yes, the federal government has enough tentacles that there's a decent amount of centralized control in an abstract sense, but when Net Neutrality was on the table for response, Americans flooded the DC switchboard and told them where to shove it. Americans aren't going to vote in favor of a Great Firewall of America, and even if the response is, "well, the elites will implement one anyway", it's not completely outrageous, but the moment it goes into effect, the consequences will be very difficult to predict and may well backfire.

  3. And here is a different idea by gweihir · · Score: 2, Interesting

    Maybe have IT security that is not cheapest possible, but actually works? That would also have the advantage that China may actually be stopped. "Hacking back" is still the most stupid idea possible in this space. But especially for China, has this person forgotten that the Chinese have their whole country behind a big firewall?

    --
    Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    1. Re:And here is a different idea by pr0fessor · · Score: 4, Informative

      This goes right a long with governments that want to have back doors to fight terror and crime but somehow magically it's only going to work for them and the bad guys will never be able to use it against us.

      In the end we have aloud the uninitiated to set policies for something they don't understand and the resulting mess is going to be hard to clean up.

  4. Re:Right... by Anonymous Coward · · Score: 3, Interesting

    It's a good thing it's not possible for hackers to spoof their origin to make it look like it's their competitors doing the hacking.

    Are you trying to claim China DOESN'T have an organized, state-sponsored dedicated cyberwarfare unit?

    And that the intelligence and law envforcement agencies of the US, UK, Australia, Canada, and others can't track at least some of that unit's activities?

    If you can't credibly claim all that, you're just an ignorant blowhard trying to confuse things.

  5. Attack what exactly? Defense is what we need! by Opportunist · · Score: 4, Insightful

    What do you want to attack? Want to steal back the trade secrets they got from us? How do you steal from someone who has nothing that you could possibly want? What kind of deterrent is it when you throw a nuke into a mostly void desert? It costs you a nuke and doesn't bother your enemy at all.

    Instead get your defense up to speed! The itsec situation in most companies is atrocious. And I'm not talking about irrelevant mom'n'pop shops, we're talking large and very juicy targets for international criminal actors. If anything, the FBI should start treating sloppy IT security as what it is: A criminal offense.

    But no, wait, we can't do that! Then our corporations would have to do something about their IT security! That could cut into their bottom line! No, let's instead wage a silly "cyber" war we can't win on taxpayer money. One silly, useless and unwinnable war that we get to foot the bill for more or less, who cares?

    --
    We used to have a Bill of Rights. Now, with the rights gone, all we have left is the bill.
  6. Re:It's more than that by Immerman · · Score: 2

    Yep, monsters. Not like America, which conducts their invasions honestly, with overwhelming military power against grossly outmatched opponents, who we falsely accuse of having "Weapons of Mass Destruction" and drag a bunch of other militaries into the fracas as well.

    Face it, all the global superpowers (and a lot of the minor ones) are all constantly throwing their weight around to try to take what they want from other countries - the big differences from a moral standpoint are mostly in how many people die in the process, and how much important infrastructure is destroyed.

    --
    --- Most topics have many sides worth arguing, allow me to take one opposite you.
  7. White hat here - lol no. Cops breaking in doesn't by raymorris · · Score: 4, Interesting

    Finding vulnerabilities and warning the vulnerable companies is what I do for a living. What we do is in no way a substitute for deterrence.

    Instead of putting muggers in jail, why don't our good guys try mugging people and alert victims that they're vulnerable?

    Instead of killing bin Laden, why don't our good guys just ram planes into all the buildings and then we'll know which buildings are vulnerable?

    Having cops break into the people's houses won't make burglary stop.

    The main benefit of vulnerability assessment, what I do for a living, is that when we make Lockheed Martin a more difficult target, the attackers focus more on Northrop Grumman, because it's an easier target. That's an advantage to Lockheed.

    We will never come anywhere close to making our county impenetrable. If we magically did, which would require a police state, two days Microsoft would release a new version of some software and we'd all be vulnerable again. Every time somebody installs anything connected to a network, there are opportunities for it to be configured poorly, and that happens a million times a day. We will never be secure. We can only make YOU a harder target than your neighbor.

    "Instead of starting a cyber war" - LOL! We're *in" a cyber war. Pur adversaries spend billions of dollars every year attacking us, and we're losing. Ignoring it and pretending it's not happening won't make it go away. The way to make a country (or a person) stop attacking you is to make it hurt them to continue, to exact a high price. If someone is swinging a knife at me, knowing I'm vulnerable doesn't solve the problem. You stop their attack by shooting them. That's what solar the problem.

  8. Honeypot of false info by hunter44102 · · Score: 2

    Why don't companies create millions of fake sites with false tech info and documents to make it impossible to figure out what they are stealing?

  9. Because... by jd · · Score: 2

    Fighting a hot cyberwar against an entire nation that can be turned into a supersized botnet (and which probably runs half the existing major botnets out there), when your own country has grotesquely incompetent IT managers, virtually no cybersecurity, a bunch of Federally-required backdoors into mission critical systems and a vast number of SCADA-based critical servers on the public Internet, is such a good idea.

    I mean, what could possibly go wrong?

    --
    It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)