How China has cyber-stumped the US and why Israel could be next

Open democracies like the US, or Israel for that matter, have weak underbellies, are far more vulnerable to cyber attacks and are less ready to hack back too hard.

By YONAH JEREMY BOB
Cyber hackers [illustrative] (photo credit: REUTERS)
Cyber hackers [illustrative]
(photo credit: REUTERS)
Each revelation is more shocking than the previous one.
This week a US intelligence official leaked to NBC News that China has been successfully hacking top US government officials’ email accounts since 2010 in a cyber campaign known as “Dancing Panda.”
Just over a week ago, a stunning map was revealed showing 600 successful Chinese cyber attacks against US targets traced by the US National Security Agency in recent years.
Over a month ago, 20 million Americans’ personal information, mostly that of government employees, was hacked from the US’s Office of Personnel Management.
Roughly speaking, in response so far the US has done nothing.
Why has there been no response, other than recent periodic revelations from US officials about how bad China is battering them in the cybersphere? And how could all of this trickle down to Israel next? First, back to the US.
The biggest reason the US has not done much is that it has not figured out what a proper response would be.
So far, the Obama administration has tried two tactics which were well reasoned, but did not pan out.
The first tactic was negotiation.
Obama in 2013 offered China a process for regulating cyber spying, sort of an arms control regime for the cybersphere, including rolling back wide US cyber spying on China revealed by former NSA agent Edward Snowden.
The US proposal had been to place limits on security- related spying, not eliminate it, but to totally eliminate commercial spying.
China rebuffed the offer, with most analysts saying there were two main reasons.
It objected that the US would not completely stop national security-related spying on China, and it did not want to stop commercial spying on the US to play catch up in the economic sphere.
Next, the US tried in the summer of 2014 to indict five senior Chinese officials for cyber spying in an attempt to both scare and embarrass the Chinese.
Few took this seriously, since the US is in no position to force the Chinese to extradite its officials, and in any case criminal charges are seen only as a potential response to commercial spying, not security- related spying, for which counterespionage is usually the more potent answer.
Several other options have and are being considered, but the US has been slow to make a move.
Retaliation could mean hacking and publicly revealing Chinese secrets. Hacking could go as far as breaking down China’s great firewall for censorship and controlling information within the country, opening China’s citizenry to unguarded and unmonitored Internet access, along with spilling Chinese state secrets.
The obvious purpose would be to show China that if it does not show restraint in cyber operations against the US, it will find itself far more cyber-bloodied.
If the US has such capabilities, what is holding it back? Some of it is a legal issue. In recent months, the US Defense Department released its first major new Law of War Manual in decades, including a first-ever detailed chapter on cyber operations.
Within the manual and comparing it to NATO’s Tallinn Manual on cyber operations, there are different opinions about how damaging a cyber attack needs to be to constitute a “use of force” which can be responded to with a counter use of military force.
But it seems that no one debates that cyber espionage, like any other kind of spying, is legal under international law, even as all nations on a bilateral basis will prosecute and imprison any unfriendly spies spying on them.
That means that under the current rules, a counter use of military force is not an option.
How big a counter-cyber attack can be while remaining legal is completely unclear in the fuzzy world of using deterrence in international relations.
But some of this obscures the more fundamental problem. At its root, the imbalance is that China is unhappy with US dominance in world affairs and seeks to upend the table. In contrast, the US is more and more dependent on China’s government for its major businesses trying to penetrate China’s massive consumer markets.
Put differently, open democracies like the US, or Israel for that matter, have weak underbellies, are far more vulnerable to cyber attacks and are less ready to hack back too hard, if stability and the status quo are at stake.
In that sense, Israel could face cyber hacking in the future from China, either despite the countries’ warming relations or as part of Israel being more open to China.
Already Israel, which generally finds the status quo favorable even if it has uncertainties, has sometimes been uncertain about how strongly to respond to cyber hacking by Iran or Hezbollah, with those parties being more willing to risk breaches in the status quo.
An Israeli officer wrote a major cyber-operations treatise in 2013, but the IDF has not wanted to comment on applying the treatise or other principles to cyber threats.
At a recent cyber conference, several current and former Israeli cyber officials were also at odds over how to address current cyber threats to Israel, including even how to organize Israeli offensive and defensive cyber units.
Part of that is to protect IDF flexibility in responding.
But part of it is also that Israel, like the US, is genuinely unsure of how to respond in an era where once weaker adversaries can succeed at cyber terrorism because cyber attackers always have the advantage over cyber defenders.
Anonymous US officials have said that the hacking of 20 million personnel files was a game-changer which could push the US to seriously consider harsher responses.
However, until the US or Israel carry out a major cyber attack or other response to restore deterrence in a sufficiently public manner, many say that their indecision favors and frees the hand of their cyber rivals.