Cyber Roundup (3/25): Congress strengthens stance on China, Tallinn Manual launch, CFAA may get tougher, and more . . .

Quick survey of recent cyber news . . .

***

I didn’t refer to it in the title, but I want to give top billing to a Lawfare blog post by Jack Goldsmith.  The post was in response to this recent WashPo op-ed by James Lewis where Lewis explored “Five Myths About Chinese Hackers.”  The fifth myth was “America spies on China, too, so what can we complain about?”, and in that section Lewis said that “[t]he United States, by contrast [to China], does not engage in economic espionage.”

Mr. Goldsmith laid out a very comprehensive response to several of Lewis’ points.  Notably, Goldsmith said:

  • “[I]t is not true that ‘unwritten rules’ prohibit economic espionage.”
  • [I]t is not true that the Chinese are doing something that other countries don’t do (though it is true that they do it better and more extensively than most).”
  • [I]t is not true that ‘[t]he United States . . . does not engage in economic espionage.”
  • “U.S. public and foreign audiences don’t really know the precise USG policy on foreign economic espionage.”
  • China is definitely engaging in cyberexploitation, [b]ut [the U.S. is] also doing things to China that its government views as direct attacks . . .”

Mr. Goldsmith then went on to discuss the one-sidedness of the cyber dialogue, finishing up with this interesting line: “Commentary in the United States too often proceeds on the assumption that the USG can have its cake and eat it too on cybersecurity.”

I quoted a few choice sections, but this is really a post that deserves to be read in its entirety.  I confess that I’ve often parroted the claim that the U.S. does not engage in economic espionage/cyberexploitation, and that claim is apparently wrong.  As Mr. Goldsmith notes, the better claims is that the USG  does not collect “proprietary information of foreign commercial firms to benefit private firms in the United States.”

Anyways, this is a great Lawfare blog post, definitely worth a look.

***

Via the Atlantic Council, the Tallinn Manual is going to be getting a D.C. release party “at The University Club Ballroom on March 28, 2013, in cooperation with the ABA Standing Committee on Law and National Security, Cybersecurity Legal Task Force, and the Standing Committee on Armed Forces Law.”

Here’s a useful Tallinn Manual factsheet that quickly states some of the Manual’s conclusions.

While we’re on the topic, The Washington Times’ Shaun Waterman reports that NATO concluded that Stuxnet was a use of force and “was likely illegal under international law.”  The article notes that the experts were divided on whether ol’ Stuxie rose to the level of an armed attack.

***

Stewart Baker had an interesting post for his Skating on Stilts blog that discussed Congress’ efforts to stop Chinese cyberexploitation/cyberespionage.  Baker explained that Congress “has added tough sanctions to the continuing resolution that funds the federal government and is now awaiting the President’s signature. The sanctions provision bars federal government purchases of IT equipment ‘produced, manufactured or assembled’ by entities ‘owned, directed, or subsidized by the People’s Republic of China’ unless the head of the purchasing agency consults with the FBI and determines that the purchase is ‘in the national interest of the United States.'”

***

The Hill’s Jennifer Martinez reported on how a new bill circulating the House Judiciary Committee may stiffen the CFAA.  According to Martinez, the bill “would tighten penalties for cyber crimes and establish a standard for when companies would have to notify consumers that their personal data has been hacked” while also changing “existing law so that an attempt at a cyber crime can be punished as harshly as an actual offense.”

Via The Hill article, here’s a copy of the bill.

***

This one already made its rounds on Twitter, but Yousaf Butt had a very good article for Foreign Policy on why nuclear deterrence is a bad option for cyberspace.  Butt is of course referencing a recent DoD report that suggested “threatening the use of nuclear weapons in response to the most severe cyberattacks.”  Butt argued why he thought applying nuclear deterrence to cyberspace was a bad idea, ultimately concluding that we can never fully solve the cybersecurity problem, but we can “respond by making our systems more resilient, improve our attribution abilities, and, to the extent possible, cooperate with other nations in smoking out [dangerous hackers] worldwide.”

***

Nothing really new, but Paul Wagenseil had a useful article for NBCNews that discussed 5 (probably) American cyberweapons: Stuxnet, Flame, Duqu, Gauss, and MiniFlame.

Please follow and like us:

Tags:

Leave a Reply

You must be logged in to post a comment.

Authors

Untitled Document
Professor William Snyder

Professor William C. Snyderis a member of the faculty of the Institute for National Security and Counter-terrorism at Syracuse University after fifteen years with the United States Department of Justice.

Ryan D. White

Ryan D. WhiteRyan is currently a third year law student at Syracuse University College of Law, and is also pursuing a Master of Public Administration degree from Syracuse’s Maxwell School of Citizenship and Public Affairs. Ryan spent time with Homeland Security Investigations while pursuing his undergraduate degree at Wesleyan University, and spent his first summer of law school as clerk for the U.S. Attorney’s Office in the Western District of New York. He is a member of Syracuse Law Review, the Journal on Terrorism and Security Analysis, and participates in the Veteran’s Legal Clinic. Full biography

Shelby E. Mann

Ryan D. WhiteShelby is a second year law student at the Syracuse University College of Law. She is the 2018-9 Editor in Chief of the Syracuse Law Review, as well as a member of the Journal on Terrorism and Security Analysis, and the senior editor for the Syrian Accountability Project. During her final year at the University of Missouri, she served as a full-time news producer for ABC 17 News. Shelby spent her first summer of law school at the Shelby County District Attorney General's Office in Memphis, Tenn., in the Public Corruption and Economic Crimes Unit. Full biography

Christopher w. FolkChristopher W. Folk

is a 2017 graduate of SU College of Law. A non-traditional student, Christopher returned to academia after spending nearly twenty years in the high tech industry. Christopher served in the Marine Corps, graduated from Cornell University with a B.S. In Applied Economics and Business Management, attended Northeastern University’s High-Tech MBA Program and received a M.S. In Computer Information Systems. Christopher previously worked in Software Engineering. Christopher is currently serving his second term as Town Justice for the Town of Waterloo. Christopher externed with a Cybersecurity firm in the Washington, D.C. area between his first and second year at SU College of Law. Full biography

Anna Maria Castillo

Anna Maria Castillois 2016 graduate of Syracuse College of Law. She also holds a Master of Arts in International Relations from Syracuse University's Maxwell School of Citizenship and Public Affairs. She has interned at a London-based think-tank that specializes in transnational terrorism and global security and at the legal department of a defense contractor. She served as an executive editor in the Syracuse Law Review. Full biography

Jennifer A. CamilloJennifer A. Camillo

is a 2015 graduate of Syracuse College of Law and is a prosecutor. She has served as a law clerk in the United States Attorney’s Office for the Northern District of New York and the Cayuga County District Attorney’s Office and as an extern in the Oneida County District Attorney’s Office. She was a member of the Syracuse National Trial Team and was awarded the Tiffany Cup by the New York Bar Association for her trial advocacy achievements.

Tara J. PistoreseTara J. Pistorese

holds Juris Doctor and Masters of Public Administration degrees from Syracuse University's Maxwell School of Citizenship and Public Affairs and its College of Law. She wrote for this blog when a student. She is now a member of the U.S. Army Judge Advocate General's Corps.

Benjamin Zaiser

is both a scholar and a Federal Agent of the Federal Criminal Police Office of Germany. (Opinions expressed here are his own and not any part of official duty.) Full biography

Categories

RSS
Follow by Email
Facebook
LinkedIn