James Lewis' article, by the same title, appeared in the Washington Post on 24 March 2013.
Lewis makes 5 statements that he claims are "myths" about Chinese hacking and makes these assertions about each one:
1. We are not in a cold or hot war with China in Cyberspace
2. Chinese hackers don't have to be good since U.S. industry is so bad at protecting their systems
3. China would attack the U.S. infrastructure only if the regime were threatened
4. Cyber-espionage is only making a small dent in the U.S. economy
5. Economic espionage is carried out by China but not by the U.S. The U.S. needs to "make the line clearer and discourage China from crossing it."
You can read enough of my book on this subject at http://www.amazon.com/The-Chinese-Information-Communications-ebook/dp/B00BUTEHEA/ref=sr_1_1?s=digital-text&ie=UTF8&qid=1366117421&sr=1-1&keywords=dennis+f.+poindexter
to get the idea that I don't agree, with the exception of the last point.
When Leon Panetta was asked whether we were at war with China, he didn't say no - he said, "it depends on your definition of war." Lewis apparently has never heard of Information War, defined by RAND and Defense Department doctrine as: Economic, Command and Control, Electronic, Intelligence based, Psychological, Cyber, and Hacker War. It looks like war the way the Chinese practice it.
Hacking is part science and part art, and the Chinese may be less inclined to the artful side of it. They are getting caught, and really good hackers don't, but it isn't because the industries of the world have bad security programs that they succeed. That is like saying robbery victims are really bad at defending themselves. The real reason is our lack of agressive action against them.
The point about China not attacking the U.S. infrastructure is not valid because putting software in the electrical grid is construed by some as an act of war, especially if it is put there to demonstrate a capability, and they have the doctrine to back up its use. They are, and they have the doctrine to back up its use.
Look at these two jets: http://en.wikipedia.org/wiki/File:RSAF_Typhoon_at_Malta_-_Gordon_Zammit.jpg &
http://en.wikipedia.org/wiki/File:J-10a_zhas.png
When the Chinese steal a technology they are stealing development and testing time. There are good and bad consequences for them in doing that, but I believe they are mostly good. And, they don't just do that. They counterfeit, produce products without a license, and other things equally distasteful. Ubiquity lost 35% of their share value because they underestimated the amount of counterfeiting of their network equipment. Why should a U.S. company have to estimate the amount of counterfeiting China is going to do to maintain its stock price?
In his last point, he assumes the U.S. should continue to play by the same rules we have always used, while the Chinese do the same. We need to think about changing the rules so we both play by the same set.
No comments:
Post a Comment