For China And U.S., An Attempt To Clarify Rules Of Cyberwarfare
AUDIE CORNISH, HOST:
The U.S. tech industry has long been a favorite target of cyberattacks from China. Now Defense Secretary Chuck Hagel is in Beijing, where he's set to give a speech encouraging more dialogue between the U.S. and China over cyberwarfare. Here to talk more is Richard Bejtlich. He's the chief security strategist at FireEye, a global network security company. Welcome to the program.
RICHARD BEJTLICH: Thanks, Audie.
CORNISH: This visit by Secretary Hagel comes with reports in The New York Times that the U.S. was trying to engage China, kind of swapping information about its cybertech capabilities. What exactly does that mean, though? I mean, what's the point of telling China what the U.S. is up to?
BEJTLICH: Well, the United States is - or at least this current administration is operating under the assumption that it is beneficial to both countries to let each side know what are the things that if you go too far, it will have some type of repercussions. Unfortunately, this type of strategy is not really going to get anywhere with the Chinese because they are unwilling to publicly talk about their capability. They frequently will deny that they have anything to do with any sort of offensive hacking activity. So neither in public nor private are they willing to talk about it.
CORNISH: So the idea here was to set up rules of the road, so to speak. But it sounds like this is very different. The countries feel differently about this than, say, how people thought about nuclear weapons between the U.S. and the Soviets.
BEJTLICH: Well, it's funny you bring up nuclear weapons. I'm not a nuclear weapons strategist, but I've studied some of the issues surrounding it. And what you find is that when you have a situation where there's a stronger power and a weaker power - and in this case the cyber equivalent would be the United States is the stronger power - there is no real strategic benefit for the Chinese to reveal the types of capabilities that they have.
CORNISH: The U.S. and China have been dealing with cyber-espionage for a long time, what's the danger of real escalation?
BEJTLICH: The escalation problem is this, when you conduct any type of espionage activity in cyberspace, the same level of access that you have to steal information or to simply look at information is the level of access, you need to destroy it. If you can access a system to take information, you can also destroy that system.
So anytime the United States sees any foreign actors, or even domestic actors for that matter, in sensitive areas and critical infrastructure, it's difficult to know if they're there to spy or they're there to destroy. That's one of the reasons why we get very concerned when we see any actor operating in those infrastructures.
CORNISH: Richard Bejtlich, I'm hearing you sound very dubious about what the U.S. is trying to do here. And as someone who is in the commercial security network industry, why so glum? Is it that you don't think that the government can do much about it, or you see limits to kind of nationalized cyberwarfare?
BEJTLICH: Yeah, that's right. I think no company wants to invite a government agent or agency into its networks for defensive purposes. There's nobody out there who'll do it. Even when you hear reports that Google was working with the NSA or these sorts of things after Google's breach in late '09, early '10. It was more information sharing. You know, Google says we've seen these actors, what do you know about them, NSA? It's not calling on the NSA or the FBI and any other agency to defend their network. The government has its hands full trying to defend its own networks. And it's a major initiative right now to simply have DHS to get into a position to watch the rest of the federal government. And DOD pretty much takes care of itself.
So there just isn't capacity to have government actors defending private citizens. And also, the private citizenry doesn't trust the government, doesn't believe that they will protect their network in a way that's consistent with privacy.
CORNISH: Richard Bejtlich, he's the chief security strategist at FireEye, a global network security firm. Thanks so much for speaking with us.
BEJTLICH: Thank you, Audie.
(SOUNDBITE OF MUSIC)