A hefty, and healthy, note of scepticism has been sounded about the US government’s high-profile announcement that it is charging five Chinese military officials with hacking the networks of American companies and stealing sensitive data.
The commentary appears on Threatpost and deals with the latest development in a tit-for-tat exchange between the US and Chinese governments, each accusing the other of cyber espionage.
IT security writer Dennis Fisher refers to the US government announcement of the charges against five Chinese officers on Monday, complete with advance press leaks, as “quite a show… All that was missing was a folding table loaded down with the weapons of choice: hard drives, mouses and keyboards.”
Fisher notes the charges and countercharges, which have been reaching stedily higher and higher levels, and the meeting between US President Obama and China’s President Xi Jinping last September, at which the issue was discussed.
“The outcome of that discussion apparently wasn’t satisfactory,” Fisher says, and so the “melodrama” on Monday ensued. “But at its core, the press conference and the indictments themselves are a lot of sound and fury signifying nothing. Let’s be honest; the chances of any of these men ever setting foot in the U.S. to face these charges are roughly zero point zero.
Great strides have been made in tracking down those responsible for cyber crime, but extraditing the criminals so they can face charges in a domestic court has proven to be almost impossible, Fisher says.
“Researchers and law enforcement agencies are getting better at the attribution part of this problem, identifying who is behind a given attack. But finding those attackers and then somehow convincing a perhaps not-so-friendly government to hand them over for prosecution in the U.S. is the hard part.”
China of course has little incentive to cooperate with the US, given the friction between the two countries. To make matters worse, or certainly murkier, the US hardly has its hands clean.
“As the Snowden revelations of the last year have shown, the NSA and the U.S. government have turned the Internet into a turnkey surveillance platform, bending the global network to its will and its purpose,” Fisher says. “The latest evidence of this also surfaced Monday, with The Intercept revealing that the US National Security Agency (NSA) was recording all of the cell phone traffic in the Bahamas and another, unnamed country.”
Another irony: the US has repeatedly accused the Chinese company Huawei of simply being an arm of the Chinese government, warning American companies against buying gear from the company, as it may be compromised during manufacture.
“As it turns out, the NSA allegedly has been conducting just such operations on IT gear manufactured by U.S. companies, intercepting shipments and implanting ‘beacons’ that give the agency access to the boxes after installation,” Fisher says. (We reported that story, which just happened to have broken only a few days earlier, here.)
“None of the likely outcomes from this episode are very good for US interests,” Fisher says. “The Chinese already have said that they’re suspending participation in the China-US Cyber Working Group. If the Obama administration and those that follow in the coming years are serious about addressing this problem, it should find solutions that have the potential to produce favorable outcomes, rather than those that make a nice media splash and have no hope of actually working.”