Using Intelligence Against Companies That Benefit From Cyberspionage

Naming and shaming the ultimate beneficiaries of stolen trade secrets can work

SAN FRANCISCO -- RSA CONFERENCE 2013 -- Identifying the human or actor behind a targeted attack -- a.k.a. attribution -- has been hotly debated over its relevance. But knowing and confirming your attacker could be a key element of ultimately making cyberespionage more costly for nation-states like China, some security experts say.
Dmitri Alperovitch, co-founder and CTO of CrowdStrike, says its mindboggling to him when people say attribution of the attacker doesnt matter. Its fundamentally critical who your enemy is, Alperovitch said here in an interview last week. Dont you want to know if its a murderer thats inside your house or a guy who stole your TV? You have to know what to protect.
The industry has evolved over the past year or so from focusing only on blocking attackers from getting in to a more pragmatic acceptance that these determined and well-funded attackers cant really be stopped and are likely already inside your network. The focus now is on how to stop them from stealing and exfiltrating sensitive information. Alperovitch said that requires a good understanding of who the people and groups are behind the attacks, so you can make it more expensive and risky for them to attack.
And the ultimate solution would be to go after the actual beneficiaries of the stolen information, such as some Chinese businesses. Its helpful to know exactly which building, unit, affiliation, and ... yes, their faces, Alperovitch said. But its also helpful to understand the trade craft of that group. The strategic level of attribution is useful ... [they are] passing it to local and state-owned companies. Understanding who these companies are is important.
Many Chinese businesses also are trying to branch out globally and do business outside China, he said. If [Chinese companies] are using stolen information, you can bring that leverage ... for trade sanctions. It may not be against China or the PLA [Peoples Liberation Army], but you could take criminal action against [the companies] executives, for instance, he said.
The Obama administrations
newly announced strategy on fighting the theft of intellectual property
could help here. Were going in that direction with the strategy the administration is trying to lay out with trade sanctions that are not specific to cyber. We need to expand that to cyber, Alperovitch said.
[The U.S. government will be slow to act against aggressors who attack through the Internet, predict policy and China experts at RSA. See
Chinas Cyberespionage Will Continue Unabated, Say Experts
.]
Alperovitch said raising the cost of doing business for Chinese firms capitalizing on stolen U.S. intellectual property is key. And naming and shaming firms under suspicion of spying or being agents of the Chinese government, as with the case of Chinese telecommunications company Huawei, can help, he said.
Take Huawei,
which, along with Chinese company ZTE, was called out by Congress
recently as risky to do business with here in the U.S. A congressional intelligence committee warned of potential security risks to U.S. infrastructure with the Chinese companies as suppliers. The fallout has made an impact on Huaweis business aspirations in the U.S., he said. It has made an impact on their business, Alperovitch says. Theres no question that naming and shaming can be very effective.
But what about the U.S.s own use of cyberespionage? James Lewis, director and senior fellow of the technology and public policy program at the Center for Strategic and International Studies, in a paper published today explains the differences in how the U.S. and China each employ cyberespionage.
The US government does not engage in economic espionage and intellectual property laws are more strongly enforced in the United Sates than in many other countries, including China. Nor are American political hacktivists encouraged by the US government. The US approach to cyber conflict treats cyber techniques as traditional tool of statecraft, providing advantage in military and political intelligence, and as a new weapon to strike opponents, Lewis wrote.
The US uses cyber techniques to monitor and assess Chinese capabilities and intentions, and to gain battlefield advantage in the event of conflict. US cyber actions, unlike Chinese cyber actions, are focused on their competitor’s official government activities and not on economic espionage. US laws effectively preclude economic espionage by government agencies and punish private individuals who breach intellectual property laws,
Lewis writes
.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Using Intelligence Against Companies That Benefit From Cyberspionage