November 16, 2011 | Commentary on National Security and Defense
The scene from "Casablanca" says it all.
"I'm shocked-shocked to find that gambling is going on in here," Police Inspector Renault declares. Immediately, the croupier hands the chief inspector his roulette table winnings.
Renault's disingenuousness disclaimer could be the tag line for U.S. cyber security policy. Just last month, the Director of National Intelligence delivered a report to Congress – "Foreign Spies Stealing U.S. Economic Secrets in Cyberspace." Its "shocking" conclusion: China and Russia are stealing us blind.
Quelle surprise! Chinese beachheads in U.S. cyberspace have turned up time and again for years. Not long ago Chinese hackers so thoroughly penetrated the computer network at the U.S. National Defense University in Washington, D.C., the entire system had to be shut down and cleaned out.
As for the Russians, they've long been recognized as a real "bear" online. The infamous Russian Business Network (RBN) brazenly ran all manner of illicit online operations- and there was never much doubt that they were working in collusion with Kremlin officials.
It was a mutually beneficial partnership. RBN maintained a public homepage that accepted complaints about malicious activities. The grievances were referred to the RBN "abuse team" for "investigation." The team would then dutifully request a Russian judicial indictment against the offender. Conveniently, however, it proved almost impossible to obtain the indictment.
The Russian government is widely believed to be the prime mover behind the massive 2007 denial-of-service attack against Estonia. But Moscow left no fingerprints. The Kremlin is thought to have outsourced that particular piece of cyber dirty work to a derivative of RBN.
It is hard to believe the U.S. government wasn't aware of this. Shortly after FBI Director Mueller visited to his counterparts in Moscow-RBN "disappeared." Coincidence? Or did Mueller read the Russians the riot act. Regardless, as this latest report from the U.S. intelligence community shows, both Russia's criminal networks and its intelligence service are up to no good online.
Nor is there much surprise that online evildoers are homing in on "economic" targets. It is estimated that half of the world's intellectual property is in the United States.
Another Inspector Renault moment came right after the report was released. Issuing an unbelievable, bold-faced response, China's foreign policy spokesperson dismissed the U.S. allegations as "unprofessional and irresponsible." This is rich.
In fact, the U.S. intelligence community report pulled its punches, acknowledging it could not pin all of this activity directly on the government. That is because Beijing is not stupid. It has created-and mastered-the art of "patriotic hacking," enlisting citizens to steal secrets for them and then rewarding them for their "patriotism."
Cybersecurity is a weighty issue, one that should be addressed in the upcoming GOP presidential candidates debate dedicated to foreign policy and national security.
Certainly it's a security challenge that requires presidential leadership. Currently, at least 18 major cyber bills are pending in Congress. Lawmakers are less of one mind on cyber than they are on how to balance the budget. America needs savvy cyber-strategic leaders. And there's no better place for it to start than at the top.
James Jay Carafano is director of the Allison Center for Foreign Policy Studies at The Heritage Foundation.
First appeared in CNN.com