设万维读者为首页 万维读者网 -- 全球华人的精神家园 广告服务 联系我们 关于万维
 
首  页 新  闻 视  频 博  客 论  坛 分类广告 购  物
搜索>> 发表日志 控制面板 个人相册 给我留言
帮助 退出
春秋戈博客  
独立政治评论人士,操天下的心,吃自家的饭。  
https://blog.creaders.net/u/9039/ > 复制 > 收藏本页
网络日志正文
美中黑客协议,美国人发现吃亏上当了! 2015-10-07 00:07:26

US, China Have Dueling Definitions of Cybersecurity

Doug Bernard

October 06, 2015 7:58 AM

WASHINGTON DC—

One of the most-anticipated outcomes of the president of China’s recent state visit to the United States was an agreement between the two countries on beefing up cybersecurity and putting a halt to economic espionage. But analysts question whether the deal actually can deliver. 

In a September 25 ceremony on the White House lawn, Chinese President Xi Jinping pledged that China would not participate in cyber espionage. U.S. President Barack Obama announced that both leaders had promised their respective countries’ increased cooperation in fighting corruption, money laundering and terrorist financing online.

"This is progress,” Obama said of the agreement, “but I have to insist that our work is not yet done."

Yet less than a week after Xi’s departure, James Clapper, the top U.S. intelligence official, appeared to throw cold water on the agreement. When asked at a Senate Armed Services Committee hearing whether the framework agreement could prevent Chinese hacking, Clapper gave a one-word answer: “No.” 

A growing number of analysts are questioning whether the framework is substantive enough to improve cybersecurity cooperation between China and the U.S. C or whether any such agreement is even possible, particularly when it comes to the theft of intellectual property.

Dueling definitions of cybersecurity

“I think it was a broad statement of generalities, which is not necessarily a bad thing,” said Dean Cheng, senior Chinese affairs research fellow at the Heritage Foundation, a nonprofit think tank. “But is that enough? Depends who you ask.”

While there are no specifics in the framework cybersecurity agreement C or “common understanding,” as it’s officially known C Obama said it affirms the principle that “governments don't engage in cyber espionage for commercial gain against companies."

But that, according to Cheng, is unlikely in the extreme.

“Deterring economic espionage is hard,” he said. “OK, the Chinese agreed not to engage is cyber espionage, which they’ve always said they never did anyway. Especially on economic issues, which, again, they’ve always denied. So what have we really got?”

China and much of the West, he said, have very different definitions of what constitutes cybersecurity. In the U.S., the term usually applies to hacking attacks and the basic integrity of computer networks, he said. However, in China, “cybersecurity” applies to nearly any activity that bolsters the nation or threatens Communist Party rule.

“China just passed a new national security law, which has a very broad and expansive view of what constitutes national security,” he said. “Economics is part of Chinese national security under the new law, which directly touches on economic cyber espionage.”

“In the U.S., the government sees itself as a partner to private industry, and not in the lead in safeguarding the Web,” said Tristan Reed, security analyst at Stratfor Global Intelligence. “This contrasts greatly with a country like China, where everything serves the state.”

China and Chinese industry, he said, has every incentive to continue economic espionage against the United States.

“The U.S. has far more to lose than China in intellectual property,” Reed said, “so while this agreement is probably the most significant step yet made, it’s not the solution and it’s not likely to end or even slow attacks coming from China.”

As long as Chinese industry continues to benefit from intellectual property stolen from U.S. firms, Reed told VOA, there’s not much the U.S. government can do in the short term except to help the private sector defend its data networks. “This agreement is a move for the U.S. to find an effective long-term policy,” he added.

Cyber’s attribution problem

International agreements on cyber espionage also present a unique challenge: that of attribution, or proving that a particular individual or government is responsible for a hack.

Attribution, the first step in determining a response, “is particularly challenging,” said Reed. “Though there are a lot of attacks from China, they’re all not necessarily going to be state-sponsored. Remember, it’s the economic incentive [of Chinese industry] that’s driving this.”

Cheng agreed. “Attribution can take a lot of time, and that raises the issue of how quickly you can retaliate. Cyber’s a cheap game. It’s not quite anyone with a laptop, but it’s very close, so you have to be very careful before you start retaliating,” he told VOA. 

While governments are traditionally leery of publicly revealing and possibly compromising their intelligence assets, the U.S. Department of Justice last year took the unusual step of indicting five Chinese army officers for infiltrating computer networks of six large U.S. corporations, making their attribution evidence public.

However, such measures are rare as they can compromise other valuable national intelligence assets.

Imposing economic sanctions might be another tool for government to deter cyber espionage. But the U.S. at least temporarily pulled such sanctions off the table before Xi’s state visit.

“Part of the problem with this framework agreement, which didn’t really agree on much, is that it’s put on hold the prospect of sanctions for some period of time,” Cheng said. “It would be remarkably rude for President Obama to say goodbye to Xi Jinping and then impose sanctions. But now we have to ask how long we wait for Chinese actions to change.”

Stratfor’s Reed said that overall, the framework is a good first step, but any effective deterrence policy must by necessity involve the U.S. tech and Internet industries.

“That’s one reason for Xi’s visit to Washington state,” he said, referencing the Chinese president’s meetings with the leaders of tech giants Apple, Facebook and Microsoft, among others. “The private sector is the target, and ultimately the one [that] has to be involved in talks and any agreement.”

Cheng, who calls the agreement “not particularly helpful,” targets another group for help in building lasting cybersecurity agreements: U.S. allies such as the United Kingdom, Japan, South Korea, Israel and Canada.

“There’s a lot of players in the cyber game,” he said. “It might be more helpful to sit down with our friends and allies, who share certain views of what constitutes security and acceptable behavior, to create a shared standard among ourselves." 

"That, arguably, would have been a better first starting point, rather than meeting with a country with very different views about what is acceptable cyber behavior.”


浏览(1200) (0) 评论(0)
发表评论
我的名片
春秋戈博客
注册日期: 2014-11-06
访问总量: 1,677,475 次
点击查看我的个人资料
Calendar
最新发布
· 罗辑思维:从朱棣说说权力的合法
· 春秋戈:至今不知该干什么的军委
· 习近平王岐山的战术胜利与战略失
· 春秋戈:请教石涛,习近平是“死
· 春秋戈:中日两国青年人,应该多
· 美中黑客协议,美国人发现吃亏上
· 春秋戈:三年不见大智慧,何以惊
分类目录
【科技与生活】
· 国有此母,何愁习大大搞不定白宫
· 宋祖英,年轻的向往!
· 弹古筝女孩:铜钱飞来似雪片
· 问题在于,在整个会议期间,没有
· 法新社没有报道东盟在南海问题上
· 泰国外长真的喜欢王毅?狗血,恶
· 东盟外长会议联合声明有关中国南
· 东盟外长会议联合声明全文(补第
· 东盟外长会议联合声明全文
· 妈的,这倒是最珍贵的历史照片!
【中国政治评论】
· 罗辑思维:从朱棣说说权力的合法
· 春秋戈:至今不知该干什么的军委
· 习近平王岐山的战术胜利与战略失
· 春秋戈:请教石涛,习近平是“死
· 春秋戈:中日两国青年人,应该多
· 美中黑客协议,美国人发现吃亏上
· 春秋戈:三年不见大智慧,何以惊
· 美国海军就要进入南海中国人造岛
· 春秋戈:习近平王岐山阴谋集团的
· 资料:武昌起义(维基百科)
存档目录
2015-10-02 - 2015-10-10
2015-09-01 - 2015-09-30
2015-08-01 - 2015-08-31
2015-07-01 - 2015-07-29
2015-06-01 - 2015-06-28
2015-05-01 - 2015-05-31
2015-04-01 - 2015-04-30
2015-03-01 - 2015-03-31
2015-02-01 - 2015-02-28
2015-01-01 - 2015-01-31
2014-12-01 - 2014-12-31
2014-11-08 - 2014-11-30
 
关于本站 | 广告服务 | 联系我们 | 招聘信息 | 网站导航 | 隐私保护
Copyright (C) 1998-2024. Creaders.NET. All Rights Reserved.