Clinton said the US should ‘lead the world in setting the rules in cyberspace’.

Hillary Clinton, the Democratic Party presidential nominee and former US secretary of state, has said that if she becomes president cyberattacks against US interests will be treated “like any other attack” – and that includes military action.

The candidate, who has been investigated by the FBI over use of a private email server to store classified material, was speaking on the campaign trial at the American Legion National Conference in Cincinnati, Ohio on 31 August.

“As President, I will make it clear that the United States will treat cyberattacks just like any other attack. We will be ready with serious political, economic, and military responses,” she told the attendees, largely made up of veterans and their supporters.

“We are going to invest in protecting our governmental networks and our national infrastructure,” she continued. “I want us to lead the world in setting the rules in cyberspace. If America doesn’t, others will.”

The speech made a number of references to the rise in cybercrime – and the various rival nation states that Clinton asserted are currently attacking the US. Most recently, Kremlin-linked hackers were suspected of hacking into the computer networks of the Democratic National Committee (DNC).

“We need to respond to evolving threats from states like Russia, China, Iran and North Korea,” Clinton said in the speech. “We need a military that is ready and agile so it can meet the full range of threats and operate on short notice across every domain – not just land, sea, air and space but also cyberspace.

Source: Hillary Clinton: US should use ‘military response’ to combat Russia and China cyberattacks

Share

WASHINGTON — The Chinese government is believed to have hacked into computers at the Federal Deposit Insurance Corp. in 2010, 2011 and 2013, including the workstation of then-FDIC Chair Sheila Bair, a congressional report says.

The report issued Wednesday by the Republican majority staff of the House Science, Space and Technology Committee cites a May 2013 memo from the FDIC inspector general to agency Chairman Martin Gruenberg. The memo described an “advanced persistent threat,” said to have come from the Chinese government, which compromised 12 computer workstations and 10 servers at the FDIC.

In addition to those incidents, the committee staff has been investigating the FDIC’s response to a number of what it calls major data breaches at the agency and whether it is properly safeguarding consumers’ banking information.

FDIC spokeswoman Barbara Hagenbaugh declined to comment on the report. Gruenberg is scheduled to testify Thursday at a hearing by the committee on cybersecurity at the agency.

Zhu Haiquan, the spokesman at the Chinese Embassy in Washington, said he didn’t have detailed information on the report’s findings. “China firmly opposes and is committed to combatting all forms of cybercrimes,” Haiquan said in a statement. “China and the United States have already established a high-level joint dialogue mechanism on fighting cybercrime and related issues. This is the best channel for both sides to address this challenge. Making unfounded accusations is counterproductive.”

The issue of suspected Chinese government hacking has been sensitive since the disclosure last year of a massive breach of the U.S. Office of Personnel Management’s databases, which the U.S. believed was carried out by Chinese cyber spies. In one of the worst data breaches in U.S. history, the personal files of 21 million Americans were stolen, and the federal personnel agency came under fire for neglecting to put in basic cybersecurity protections to prevent the plunder.

The OPM breach dealt the U.S. a major national security blow, experts say, by exposing the personal information and foreign contacts of millions of people with security clearances.

Source: Chinese government suspected of hacking into FDIC computers – The Washington Post

Share

Two-Year Legal Saga Of Chinese Cyber Hack Of U.S. Military Aircraft May Be Ending.

On 28 June 2014, a Chinese businessman based in Canada was arrested on the charge of stealing information about a raft of U.S. military aircraft and weapon systems. This particular case of industrial espionage was described by the U.S. Justice Department as being “unusual for the tremendous amounts of data that is involved.” According to e-mails that were obtained by the U.S. Federal Bureau of Investigation (FBI), “tremendous amounts” came to more than 65 gigabytes over one specifically identified two-year period and involved “dozens of U.S. military projects.”

The businessman in question, Su Bin, finally agreed a plea deal with the U.S. government in March of this year in which he admitted using his company, Lode Technology, to steal data in U.S. military aircraft and weapons programs for years. Court documents also detail how he then collaborated with contacts inside of the People’s Republic of China (PRC) to sell this information to various Chinese military aircraft R&D and production centers.

The data is reported to have been stolen from different computer systems included detailed information on the Boeing C-17 Globemaster cargo lifter and two jet fighter programs for which Lockheed Martin is the prime contractor—the F-22A Raptor and F-35 Joint Strike Fighter (JSF).

Source: Cyber Warfare Episode Plays Out in Court Case | Defense News: Aviation International News

Share

This week, the 28 member states of the North Atlantic Treaty Oganization will meet in Warsaw, Poland, to discuss the future of the world’s largest military alliance. At the Warsaw Summit, NATO is expected to classify cyperspace as “Operational Territory,” making the online and digital property of member states equivalent to their geographic territory. In other words, if a foreign state messes with a NATO country’s computers, it might as well have just rolled a tank over their border. While NATO’s proclamation shows that the battlefield of the future is changing rapidly, it also proves that no one is completely sure how to conduct cyberwarfare yet.

“When I read this [proclamation], I read it like the Nigerian constitution being hard on corruption — it’s aspirational. It’s not in and of itself something that will lead to a huge outcome of change,” Josef Ansorge, author of Identify & Sort, a book which examines the role of information technology in international relations, tells Inverse.

NATO’s operates as a “collective defense” organization. Under Article Five of the official treaty, an attack on any member nation constitutes an attack on the whole alliance, who will respond in kind. The new rule technically means a cyber attack on any NATO member state would also trigger Article 5, but Ansorge says digital attacks often aren’t as clear cut as physical violence, nor is retaliating to them. Ansorge says the digital battlefield raises three crucial conundrums to world leaders: how to legally classify digital attacks, establish the perpetrators of the attack, and how to respond proportionally. In short, cyberwarfare gets very complicated, very quickly.

Source: 3 Cyberwarfare Issues NATO Should Address at the Warsaw Summit | Inverse

Share

Regional regulations are affecting cross-border data flows, whether motivated by protection of user privacy, control over the Internet, or otherwise. Europe and the U.S. have sought to protect cross-border data flows between the two regions through the U.S.-E.U. Privacy Shield. .  At the same time, there is a growing sense of concern that Asia is becoming Balkanized when it comes to cross-border data flows there.

On July 6, 2015, China’s National People’s Congress (NPC) released a draft of a Cyber Security Law for comment.  A number of multinationals and foreign business associations expressed concern about required safety certifications and inspections for “suppliers of network products and services” before market entry and mandated siting of data centers in China.  After receiving those comments, the NPC did not take action, even during the so-called “Two Meetings” that included the NPC’s annual meeting earlier this year.

Source: Latest Developments on China’s Cybersecurity Regulation – Forbes

Share