Medill panel tackles cyberattack threats and strategies

By Ashley Balcerzak

WASHINGTON — China hacks into U.S. computer systems. Do we a) protect our information with malicious software, b) disable data reading, c) send back false data or d) take more offensive measures and issue a trade embargo or boycott of Chinese goods?

A panel of Medill faculty and national security experts joined a Google+ Hangout to try to answer those questions and others about potential cyberattacks in light of a recently released report by Mandiant, a U.S. computer security firm.

This 60-page report, “Exposing One of China’s Cyber Espionage Units,” charges the Chinese army with nearly 150 cyber intrusions over the past seven years, stealing terabytes of data.

“We believe that APT1 [advanced persistent threat] is able to wage such a long-running and extensive cyber espionage campaign in large part because it receives direct government support. In seeking to identify the organization behind this activity, our research found that People’s Liberation Army (PLA’s) Unit 61398 is similar to APT1 in its mission, capabilities, and resources. PLA Unit 61398 is also located in precisely the same area from which APT1 activity appears to originate.” (Source: APT1: Exposing One of China’s Cyber Espionage Units)



“For the first time ever, somebody with really good knowledge had not only said, ‘We’re being hacked by China,’ but ‘We’re being hacked by the Chinese government.’ That’s pretty revelatory,” said panelist Paul Rosenzweig, founder of a homeland security consulting company.

A majority of these security breaches targeted American companies, stealing commercial information ranging from business plans to manufacturing procedures to Coca-Cola’s negotiation strategies.

“What seemed to us to not be that important of stuff, not exactly high security information, is getting picked up in this growing espionage bracket,” said Trey Herr, founder of Northwestern University’s publication, Politics and Policy.

Now that this information is public, how does the U.S. respond?

Timothy McNulty, co-director of the Medill National Security Journalism Initiative, wondered what can be considered a proportional offense to a cyber attack.

“We need to change the risk equation on the other side for whoever is acting in a way that we’re concerned about,” Rosenzweig said. “We need to make it a bit painful to intrude on us.”

Panelists floated various ideas, ranging from “breaking down the great Chinese firewall” to a government sanction or boycott of Chinese goods. Rosenzweig specified that the U.S. shouldn’t focus solely on a cyber response, but on legal and financial pressures as well.

“We have a lot of capabilities, what we lack now are legal politician structures and will,” Rosenzweig said.

The conversation shifted to information protection and measures journalists should take in protecting confidential sources and notes, a nod at the recent media outlet hackings.

“How do you keep your own secrets when you don’t know who has access to your computer systems?” McNulty asked.

Panelists advised journalists to acknowledge that their computers and cell phones can be compromised and to take protective measures such as encrypting data and removing their phone batteries when meeting a source.

“Your digital life is an open book to not only the Chinese government, but to the U.S. government as well,” Rosenzweig said.

