Commentary Magazine


Topic: cyber warfare

How to Deter China’s Industrial Espionage

It hasn’t gotten much attention, but this week the Commission on the Theft of American Intellectual Property—a clumsy name for a valuable undertaking—issued its findings on the threat posed by espionage against American industry, mostly in the cyber domain, and suggested steps to mitigate them. The entire report of the commission, chaired by retired Admiral Dennis Blair and former Ambassador to China Jon Huntsman, is worth reading.

It certainly underlines the size of the problem, estimating that annual losses from intellectual property theft top $300 billion and result in the loss (or more properly the failure to add) millions of jobs to the U.S. economy. It also squarely blames China as the main source of all this theft, accounting for 50-80 percent of the whole. “National industrial policy goals in China encourage IP theft,” the commission found, “and an extraordinary number of Chinese in business and government entities are engaged in this practice.”

Read More

It hasn’t gotten much attention, but this week the Commission on the Theft of American Intellectual Property—a clumsy name for a valuable undertaking—issued its findings on the threat posed by espionage against American industry, mostly in the cyber domain, and suggested steps to mitigate them. The entire report of the commission, chaired by retired Admiral Dennis Blair and former Ambassador to China Jon Huntsman, is worth reading.

It certainly underlines the size of the problem, estimating that annual losses from intellectual property theft top $300 billion and result in the loss (or more properly the failure to add) millions of jobs to the U.S. economy. It also squarely blames China as the main source of all this theft, accounting for 50-80 percent of the whole. “National industrial policy goals in China encourage IP theft,” the commission found, “and an extraordinary number of Chinese in business and government entities are engaged in this practice.”

What to do about this epidemic of industrial espionage? The commission offers some valuable suggestions, as summed up by Blair and Huntsman in a Washington Post op-ed: “denying products that contain stolen intellectual property access to the U.S. market; restricting use of the U.S. financial system to foreign companies that repeatedly steal intellectual property; and adding the correct, legal handling of intellectual property to the criteria for both investment in the United States under Committee for Foreign Investment in the United States (CFIUS) approval and for foreign companies that are listed on U.S. stock exchanges.”

Those are all valuable steps but what is really intriguing is a recommendation that the commission does not endorse at this time—but that it believes may be necessary in the future unless China mends its ways: letting companies counter-attack in the cyber domain against intellectual property thieves. Such attacks are illegal today—as is any hacking—but if it were legalized this “would raise the cost to IP thieves of their actions, potentially deterring them from undertaking these activities in the first place.” The committee didn’t endorse retaliation “because of the larger questions of collateral damage caused by computer attacks, the dangers of misuse of legal hacking authorities, and the potential for nondestructive countermeasures such as beaconing, tagging, and self-destructing that are currently in development to stymie hackers without the potential for destructive collateral damage.” It concludes: “Further work and research are necessary before moving ahead.”

These are all legitimate concerns, but given that imploring China to put a stop to its cyber-attacks has not worked, it is high time to deter such attacks by showing that the U.S. can strike back. This should not be a responsibility of industry. It is the U.S. government which is charged with the nation’s defense, and it is high time that the government—specifically the military’s cyber command—seriously consider retaliating in kind for Chinese attacks on our computer networks, both government and civilian. Only if Beijing knows that it will pay a heavy price will it stop its aggressive cyber-intrusions.

Read Less

Iran Cyber Attacks Belie Nuke Complacence

As the Obama administration and its European allies prepare to embark on yet another drawn-out and almost certainly futile round of diplomacy with Iran, the lack of a sense of urgency about the nuclear threat is once again obvious. The belief that more negotiations or sanctions can convince Tehran to abandon its nuclear ambition seems to be rooted in the idea that the West has virtually unlimited time to deal with the problem. That’s why so many in the chattering classes mocked Israeli Prime Minister Netanyahu when he famously drew a red line across a cartoon bomb when speaking at the United Nations. Some in the foreign policy establishment seem to think Israeli fears about Iran are overblown or merely a ploy by its right-wing government. But it is also rooted in a degree of complacency about Iran’s capabilities. That complacency seemed to underline the optimism about the ability of the Stuxnet virus that was reportedly unleashed on Iran by the U.S. and/or Israel last year even though it was soon apparent that it had only a temporary affect on their nuclear project.

Western overconfidence about Iran’s capabilities should have been shelved after that, as well as the wave of cyber attacks believed to have originated in Iran that crippled computers in the Saudi Arabian oil industry as well as some American financial institutions last fall. The fallout from those attacks led outgoing Secretary of Defense Leon Panetta to say that the U.S. was vulnerable to a “cyber Pearl Harbor” but in case no one was paying attention, it appears the Iranians have struck again. This time the targets were American banks, and American security experts were clear that the culprit was Iran.

That the Iranians—who are the world’s leading sponsor of terrorist groups—would wish to harm the United States is not a secret. But what seems to surprise some observers is the skill and sophistication that is evident in this cyber offensive. According to the New York Times, the nature of these attacks dwarf what the Russians did to Estonia in 2007 when it attempted to take down its Baltic neighbor’s economy. While the cyber attacks are troubling in and of themselves, they also ought to expose the idea that the Iranians are years away from a bomb as the sort of hopeless optimism that ought not influence the debate about whether to forestall the threat.

Read More

As the Obama administration and its European allies prepare to embark on yet another drawn-out and almost certainly futile round of diplomacy with Iran, the lack of a sense of urgency about the nuclear threat is once again obvious. The belief that more negotiations or sanctions can convince Tehran to abandon its nuclear ambition seems to be rooted in the idea that the West has virtually unlimited time to deal with the problem. That’s why so many in the chattering classes mocked Israeli Prime Minister Netanyahu when he famously drew a red line across a cartoon bomb when speaking at the United Nations. Some in the foreign policy establishment seem to think Israeli fears about Iran are overblown or merely a ploy by its right-wing government. But it is also rooted in a degree of complacency about Iran’s capabilities. That complacency seemed to underline the optimism about the ability of the Stuxnet virus that was reportedly unleashed on Iran by the U.S. and/or Israel last year even though it was soon apparent that it had only a temporary affect on their nuclear project.

Western overconfidence about Iran’s capabilities should have been shelved after that, as well as the wave of cyber attacks believed to have originated in Iran that crippled computers in the Saudi Arabian oil industry as well as some American financial institutions last fall. The fallout from those attacks led outgoing Secretary of Defense Leon Panetta to say that the U.S. was vulnerable to a “cyber Pearl Harbor” but in case no one was paying attention, it appears the Iranians have struck again. This time the targets were American banks, and American security experts were clear that the culprit was Iran.

That the Iranians—who are the world’s leading sponsor of terrorist groups—would wish to harm the United States is not a secret. But what seems to surprise some observers is the skill and sophistication that is evident in this cyber offensive. According to the New York Times, the nature of these attacks dwarf what the Russians did to Estonia in 2007 when it attempted to take down its Baltic neighbor’s economy. While the cyber attacks are troubling in and of themselves, they also ought to expose the idea that the Iranians are years away from a bomb as the sort of hopeless optimism that ought not influence the debate about whether to forestall the threat.

While it can be argued that a cyber attack is not evidence of nuclear progress, it does undermine the notion that the Iranians are not advanced enough to do what needs to be done to quickly convert their enriched uranium into a weapon. Iran’s Islamist government has made a massive investment in its scientific resources that are dedicated to the nuclear program and are not unrelated to the advances they have clearly made in cyber warfare. The point is that any nation that can pull off a stunt like the recent attacks on American banks is probably also fully capable of doing what needs to be done to rapidly transform their nuclear program into a functioning threat to the peace of the world.

Far from being irrelevant to the discussion about how to persuade Iran to stand down on its nuclear ambition, the hacking incidents testify to the gravity of the situation and the likelihood that they will get to their goal sooner rather than later. Those in the Obama administration who are prepared to endure another long and ineffective negotiation on the nuclear question should understand that their faith that Iran simply can’t create a bomb this year is more a matter of wishful thinking than hardheaded analysis.

Read Less

Who’s Holding the Cards in Iran Talks?

The P5+1 talks resumed today in Moscow, and the only news filtering out of the negotiations is that Iran has been even more insistent than in past meetings about getting the West to drop the economic sanctions that have been imposed on the Islamist regime. The general assumption is that this is a sign of weakness that shows the Iranians are wearying of the pain the sanctions have imposed and are liable to abandon their nuclear ambitions. But despite the hardships the sanctions have caused the Iranian people, Tehran’s bargaining position may be stronger than some Western optimists have assumed.

Iran has not budged from its demand for recognition of its right to right refine uranium while also continuing to increase the ongoing rate of production and stonewalling inspectors from the International Atomic Energy Agency. So there is little doubt Iran is playing the same game in Moscow as it did in earlier negotiating sessions in Ankara and Baghdad. Far from displaying weakness, the Iranians may still be operating on the belief that both President Obama and his European partners are more desperate for a deal — any deal — that will allow them to walk away from a confrontation on the nuclear issue.

Read More

The P5+1 talks resumed today in Moscow, and the only news filtering out of the negotiations is that Iran has been even more insistent than in past meetings about getting the West to drop the economic sanctions that have been imposed on the Islamist regime. The general assumption is that this is a sign of weakness that shows the Iranians are wearying of the pain the sanctions have imposed and are liable to abandon their nuclear ambitions. But despite the hardships the sanctions have caused the Iranian people, Tehran’s bargaining position may be stronger than some Western optimists have assumed.

Iran has not budged from its demand for recognition of its right to right refine uranium while also continuing to increase the ongoing rate of production and stonewalling inspectors from the International Atomic Energy Agency. So there is little doubt Iran is playing the same game in Moscow as it did in earlier negotiating sessions in Ankara and Baghdad. Far from displaying weakness, the Iranians may still be operating on the belief that both President Obama and his European partners are more desperate for a deal — any deal — that will allow them to walk away from a confrontation on the nuclear issue.

As William J. Broad wrote yesterday in the New York Times, “The Iranians have managed to steadily increase their enrichment of uranium and are now raising their production of a concentrated form close to bomb grade.” That they have managed to do this while surviving cyberattacks and sanctions is a notable achievement and is important to understanding their approach to the talks. Rather than the vaunted Western cyberwarfare and the possibility of an oil embargo having disabused them of the idea that they can prevail in this struggle, the failure of either approach to halt their progress may have only reinforced their sense that they are in a very strong position.

Thus, rather than a plea for help, the demand for an end to sanctions is really just more Iranian maneuvering to get the West to agree to a deal that can be easily violated. As Ray Takeyh noted in the Washington Post on Friday, the Iranians also know that even if the West was able to get Iran to agree to a compromise that would force them to export the refined fuel that could be used to make a weapon, there is no reason to suppose they couldn’t violate any accord with impunity. Once a treaty is in place, the instinct of both the Obama administration and the Europeans will be to defend the agreement, not to junk it once it has been proved to be worthless.

As Takeyh writes:

As Iran’s nuclear facilities grow in scope and sophistication, the possibility of diverting material from them increases regardless of the parameters of an inspection regime. Any large-scale nuclear facility involves moving hundreds of containers of uranium from various stations every day. No monitoring measure can account for every container. Moreover, under the auspices of an agreement Iran will have access to nuclear technologies such as advanced centrifuge models. Should Iran perfect centrifuges that operate with efficiency at high velocity, then it will require only a limited number of such machines to quickly enrich weapon-grade uranium. Such cascades can easily be concealed in small-scale, surreptitious installations that may avoid detection.

That makes even compromise proposals such as Dennis Ross’s idea that the U.S. should offer Iran the right to a civil nuclear program a pathway to failure rather than an end to the crisis. Moreover, at every step of this process, the Iranians have seen Western positions eroded and weakened as they moved ever closer to the day when their program can achieve its goal of a weapon.

The Iranians know the only reason the P5+1 talks were ever started was to create a diplomatic process aimed more at stopping Israel from acting on its own against Iran. What they have been waiting for is an indication that the West means what it says about getting tough on them rather than an excuse to keep talking. Right now, they believe their nuclear advances coupled with the West’s unwillingness to use force are all they need to guarantee their march to nuclear capability will be unhindered. Unless President Obama or EU foreign policy chief Catherine Ashton does something this week to change their minds, the Iranians will leave Moscow still thinking they are winning.

Read Less

Senators Call for Investigation of WH Leaks

Sens. John McCain and Saxby Chaimbliss are calling for a Senate probe into whether White House officials leaked details of the cyber warfare program against Iran to the media for political gain. But Senate Democrats are also furious about the leaks, according to The Hill:

Sen. Dianne Feinstein (D-Calif.), chairwoman of the Intelligence Committee, said the leak about the attack on Iran’s nuclear program could “to some extent” provide justification for copycat attacks against the United States.

“This is like an avalanche. It is very detrimental and, candidly, I found it very concerning,” Feinstein said. “There’s no question that this kind of thing hurts our country.”

“A number of those leaks, and others in the last months about drone activities and other activities, are frankly all against national-security interests,” said Sen. John Kerry (D-Mass.), chairman of the Foreign Relations Committee. “I think they’re dangerous, damaging, and whoever is doing that is not acting in the interest of the United States of America.”

Read More

Sens. John McCain and Saxby Chaimbliss are calling for a Senate probe into whether White House officials leaked details of the cyber warfare program against Iran to the media for political gain. But Senate Democrats are also furious about the leaks, according to The Hill:

Sen. Dianne Feinstein (D-Calif.), chairwoman of the Intelligence Committee, said the leak about the attack on Iran’s nuclear program could “to some extent” provide justification for copycat attacks against the United States.

“This is like an avalanche. It is very detrimental and, candidly, I found it very concerning,” Feinstein said. “There’s no question that this kind of thing hurts our country.”

“A number of those leaks, and others in the last months about drone activities and other activities, are frankly all against national-security interests,” said Sen. John Kerry (D-Mass.), chairman of the Foreign Relations Committee. “I think they’re dangerous, damaging, and whoever is doing that is not acting in the interest of the United States of America.”

Both Kerry and Feinstein rejected the idea the leaks were politically motivated, but all signs point to White House authorization for the recent New York Times pieces on cyber warfare and drone strikes. This administration has not been shy when it comes to prosecuting leaks in the past, and yet it’s been notably nonchalant about a breach of this scale.

For example, the author of the Times’s cyber warfare story, David Sanger, told Gawker that “No government agency formally requested that I not publish the story.” The White House obviously knew about the article, and could have asked the Times to hold off if it believed the story was dangerous — but declined to do so. Why? And why call an FBI investigation well after the fact?

What we don’t know is whether the leak originated from the White House in the first place, or whether administration officials simply added additional information to a story that was already being written with help from other government sources or even Israeli officials.

We also don’t know what the White House’s motivation could have been for working with Sanger. Maybe officials talked to him because he agreed to withhold information that was even more sensitive from the final story, or because they wanted to make sure the article did as little damage as possible. But because this is the second big White House leak this spring that plays into the Obama campaign narrative, McCain and Chaimbliss are right to be suspicious.

Read Less

Who is Leaking About Cyberattacks?

The Stuxnet virus, which caused Iranian centrifuges to malfunction and which became public in 2010, attracted worldwide publicity. It was always assumed by those in the know that this cyberattack was concocted by the U.S. and Israel, but neither country would provide confirmation about this highly classified program. That seems to have changed with the publication of this New York Times article by David Sanger, revealing (assuming the article is accurate) that Stuxnet was part of a covert program code named Olympic Games to wage cyber-war on the Iranian nuclear program,which Jonathan Tobin discussed on Friday.

The article is full of fascinating information that should be of great interest to American–and Iranian–readers. The question is: why are we reading this? There are probably few covert programs, if any, that are as sensitive as this one. As Sanger notes: “The United States government only recently acknowledged developing cyberweapons, and it has never admitted using them.”

Read More

The Stuxnet virus, which caused Iranian centrifuges to malfunction and which became public in 2010, attracted worldwide publicity. It was always assumed by those in the know that this cyberattack was concocted by the U.S. and Israel, but neither country would provide confirmation about this highly classified program. That seems to have changed with the publication of this New York Times article by David Sanger, revealing (assuming the article is accurate) that Stuxnet was part of a covert program code named Olympic Games to wage cyber-war on the Iranian nuclear program,which Jonathan Tobin discussed on Friday.

The article is full of fascinating information that should be of great interest to American–and Iranian–readers. The question is: why are we reading this? There are probably few covert programs, if any, that are as sensitive as this one. As Sanger notes: “The United States government only recently acknowledged developing cyberweapons, and it has never admitted using them.”

Was there, one wonders, a conscious decision made by President Obama and his senior cabinet members and generals to declassify this program through a leak to the New York Times–or was it perhaps a leak made with a wink and nudge from the White House but without a formal vetting through the interagency process? One rather suspects the latter for, just like another recent New York Times article on how President Obama personally decides who will be eliminated by CIA drones, this one casts him as a strong commander-in-chief in the secret war against America’s enemies. Suffice it to say, the president is not going to lose any votes come November for carrying out covert operations against al-Qaeda and the Iranian government–but those programs could very well be endangered by this public airing of their details. The same might be said about all the publicity that attended the SEAL raid on Osama bin Laden and the more recent public outing of the British-controlled double agent who infiltrated al-Qaeda in the Arabian Peninsula to prevent a new “underwear bomber” plot.

Leaks of highly classified information by the U.S. government are not, of course, a new development. But his recent spate of disclosures raises serious questions about who is leaking and why–and, most important perhaps, what consequences if any they will suffer for such outrageous slips of the tongue?

Read Less

Latest Leak: Obama the Computer Warrior

New York Times reporter David Sanger received wide access to high-ranking members of the Obama administration and the security apparatus to write his book about what he has termed “Obama’s Secret Wars.” The latest excerpt published in the Times today shows that Sanger is rewarding his subject with yet another account portraying the president as a bold warrior against America’s foes. The subject this time is the cyber warfare being waged by the United States and Israel against Iran and, according to Sanger, Obama was an eager advocate of turning American nerds loose on Tehran’s computers. But, as was the case with other successful elements of Obama administration counter-terrorism strategy such as the use of drones, the use of cyber weapons is another example of the president merely continuing an initiative developed by the Bush administration.

The impetus for the publication of this report may have been the revelations about a new virus called Flame that has infected Iranian computers. However, that story as well as the interesting tale Sanger tells about the last three years of covert American and Israeli efforts to halt or delay Iran’s nuclear program by means of cyber attacks, shouldn’t deceive anyone into thinking that any of these clever stratagems are a substitute for a real commitment to put an end to the threat.

Read More

New York Times reporter David Sanger received wide access to high-ranking members of the Obama administration and the security apparatus to write his book about what he has termed “Obama’s Secret Wars.” The latest excerpt published in the Times today shows that Sanger is rewarding his subject with yet another account portraying the president as a bold warrior against America’s foes. The subject this time is the cyber warfare being waged by the United States and Israel against Iran and, according to Sanger, Obama was an eager advocate of turning American nerds loose on Tehran’s computers. But, as was the case with other successful elements of Obama administration counter-terrorism strategy such as the use of drones, the use of cyber weapons is another example of the president merely continuing an initiative developed by the Bush administration.

The impetus for the publication of this report may have been the revelations about a new virus called Flame that has infected Iranian computers. However, that story as well as the interesting tale Sanger tells about the last three years of covert American and Israeli efforts to halt or delay Iran’s nuclear program by means of cyber attacks, shouldn’t deceive anyone into thinking that any of these clever stratagems are a substitute for a real commitment to put an end to the threat.

While the president deserves credit for following the advice President Bush gave him about continuing the secret program (or at least what used to be secret before the president and his staff decided they needed to spill the beans so as to enhance his chances for re-election) code-named “Olympic Games,” the subtext of the story is that the effort hasn’t really succeeded.

Though the administration gives itself great credit for proceeding with the Stuxnet virus attack even after it became public knowledge, the results do not seem to have been as impressive as the president’s cheering section would like us to think. As even Sanger notes:

These officials gave differing assessments of how successful the sabotage program was in slowing Iran’s progress toward developing the ability to build nuclear weapons. Internal Obama administration estimates say the effort was set back by 18 months to two years, but some experts inside and outside the government are more skeptical, noting that Iran’s enrichment levels have steadily recovered, giving the country enough fuel today for five or more weapons, with additional enrichment.

If that is true then it must be acknowledged that though both Bush and Obama were right to try Stuxnet and other cyber attacks, they aren’t the solution. As smart as the American and Israeli computer geeks might be, the assumption that the Iranians are too stupid or backward to defend their systems is absurd. As has always been the case with every sort of military technology invented, for every offensive tactic developed there is a defense. The fact is, despite Stuxnet and Flame, the Iranian centrifuges are still turning. The military research at Parchin has already been conducted and may now have been removed to a site Western sources don’t know about. Despite the cyber attacks and the inherent flaws that may exist in the Iranian program, they have managed to develop facilities and technology that is getting them closer to a bomb.

The covert action undertaken by the administration was appropriate and should be continued. But for all of the breathless patting themselves on the back that comes through in the Sanger piece, another familiar theme to observers of the Obama administration emerges: hostility to Israel. Sanger’s sources claim that Stuxnet’s failure was Israel’s fault.

An error in the code, they said, had led it to spread to an engineer’s computer when it was hooked up to the centrifuges. When the engineer left Natanz and connected the computer to the Internet, the American- and Israeli-made bug failed to recognize that its environment had changed. It began replicating itself all around the world. Suddenly, the code was exposed, though its intent would not be clear, at least to ordinary computer users.

“We think there was a modification done by the Israelis,” one of the briefers told the president, “and we don’t know if we were part of that activity.”

Mr. Obama, according to officials in the room, asked a series of questions, fearful that the code could do damage outside the plant. The answers came back in hedged terms. Mr. Biden fumed. “It’s got to be the Israelis,” he said. “They went too far.”

We don’t really know whether this true and neither does Sanger or Vice President Biden, but it is telling that in a piece dedicated to promoting the idea of President Obama as a ground-breaking cyber warrior, there would have to be a passage trashing the Israelis.

Leaks like these can only add to the level of distrust the Israelis feel for the administration’s intentions on Iran. The administration’s effort to enhance its image via these stories is a poor substitute for a genuine commitment to do whatever it takes to end the nuclear threat that can’t be stopped by viruses alone.

Read Less




Welcome to Commentary Magazine.
We hope you enjoy your visit.
As a visitor to our site, you are allowed 8 free articles this month.
This is your first of 8 free articles.

If you are already a digital subscriber, log in here »

Print subscriber? For free access to the website and iPad, register here »

To subscribe, click here to see our subscription offers »

Please note this is an advertisement skip this ad
Clearly, you have a passion for ideas.
Subscribe today for unlimited digital access to the publication that shapes the minds of the people who shape our world.
Get for just
YOU HAVE READ OF 8 FREE ARTICLES THIS MONTH.
FOR JUST
YOU HAVE READ OF 8 FREE ARTICLES THIS MONTH.
FOR JUST
Welcome to Commentary Magazine.
We hope you enjoy your visit.
As a visitor, you are allowed 8 free articles.
This is your first article.
You have read of 8 free articles this month.
YOU HAVE READ 8 OF 8
FREE ARTICLES THIS MONTH.
for full access to
CommentaryMagazine.com
INCLUDES FULL ACCESS TO:
Digital subscriber?
Print subscriber? Get free access »
Call to subscribe: 1-800-829-6270
You can also subscribe
on your computer at
CommentaryMagazine.com.
LOG IN WITH YOUR
COMMENTARY MAGAZINE ID
Don't have a CommentaryMagazine.com log in?
CREATE A COMMENTARY
LOG IN ID
Enter you email address and password below. A confirmation email will be sent to the email address that you provide.