Saturday, March 22, 2014

White House: Please stop saying stupid shit like this

Today's New York Times article "NSA Breached Chinese Servers Seen As Security Threat" reveals an NSA operation called SHOTGIANT that created backdoors into Huawei servers which allowed them to spy on company communications. This is, of course, precisely what the U.S. government has accused Huawei of doing to the U.S. The unfortunate difference is that now we've been caught at it and Huawei hasn't. This doesn't mean that Huawei has never done such a thing. As the saying goes, lack of evidence isn't necessarily evidence of lack. What it does mean, however, is that the White House, Congress, policymakers and National Security advisors need to stop saying stupid shit like this:
“We do not give intelligence we collect to U.S. companies to enhance their international competitiveness or increase their bottom line. Many countries cannot say the same.” - Caitlin M. Hayden, White House spokeswoman
When it comes to national security, there is nothing that will prevent the U.S. government from acting in its own self-interest, because that is precisely what nation states do. If there was such a thing as state-owned enterprises in the U.S., like they have in China, Russia, and France for example, I have no doubt that the NSA would be the best in the world at stealing intellectual property to benefit U.S. SOEs. The only reason why the NSA doesn't do it is because we don't have any!

It seems like no one knows exactly what is contained in Snowden's documents, but perhaps a good rule of thumb would be to give up the strategy of invoking a moral high ground. As far as espionage goes, we don't have a leg to stand on. The NSA will do what it is tasked to do. So will China's MSS, Russia's FSB, and every other spy agency in the world.

A better strategy would be to find ways to encourage China to develop a body of intellectual property law and create MLATs between U.S. and Chinese law enforcement to help them catch hackers who are attacking Chinese government websites. There's a lot of value to be gained in understanding and identifying independent mercenary hacker groups operating within China's IP space because they don't only target Chinese websites. To put it as simply as possible - our current strategy on Chinese cyber espionage activities has not only had ZERO effect, it has made us look ineffective and hypocritical. It's time for a change.

2 comments:

  1. > If there was such a thing as state-owned enterprises in the U.S., like they have in China, Russia, and France for example, I have no doubt that the NSA would be the best in the world at stealing intellectual property to benefit U.S. SOEs. The only reason why the NSA doesn't do it is because we don't have any!

    That isn't really fair.

    The reason the US doesn't have state-owned companies is exactly because state ownerships creates incentives for the state to unfairly favor their own companies. So if a US "rule" to discourage unfair play works in this specific case of unfair play, then the US is indeed a bit better than China.

    ReplyDelete
    Replies
    1. And of course the irony is that Huawei is not a state owned enterprise. This is one of the reasons why it has competed so effectively against US interests, and thus become a target.

      Delete