On April 1, 2015, President Obama drew a cyber “red line” in the sand, warning those who might think about engaging in cyberattacks against America:
Starting today, we’re giving notice to those who pose significant threats to our security or economy by damaging our critical infrastructure, disrupting or hijacking our computer networks, or stealing the trade secrets of American companies or the personal information of American citizens for profit. From now on, we have the power to freeze their assets, make it harder for them to do business with US companies, and limit their ability to profit from their misdeeds.
That day, Obama signed a new Executive Order establishing the first sanctions program to impose penalties on individuals overseas who engage in cyberattacks like the one against the US Office of Personnel Management. The order authorized the Secretary of the Treasury to target foreign individuals and entities who commit grave breaches in cyberspace, including freezing their financial assets and barring commercial transactions with them. A visa ban could also be imposed. To impose sanctions, the attack in question would have to meet one of four “harms”:
- Attacking critical infrastructure; e.g., a power grid
- Disrupting major computer networks
- Stealing intellectual property or trade secrets
- Benefiting from stolen secrets and property
Obama said his order was intended to punish “individuals or entities whose actions in cyberspace result in significant threats to the national security, foreign policy, economic health or financial stability of the United States.”
The Chinese attack on the Office of Personnel Management clearly qualifies. Yesterday, CNN broke the news that the Chinese hack into the Office of Personnel Management may be four times as large as earlier reported:
The personal data of an estimated 18 million current, former and prospective federal employees were affected by a cyber breach at the Office of Personnel Management – more than four times the 4.2 million the agency has publicly acknowledged. The number is expected to grow, according to U.S. officials briefed on the investigation.
FBI Director James Comey gave the 18 million estimate in a closed-door briefing to Senators in recent weeks, using the OPM’s own internal data, according to U.S. officials briefed on the matter…
US investigators believe the Chinese government is behind the cyber intrusion, which are considered the worst ever against the US government.
The actual number of people affected is expected to grow, in part because hackers accessed a database storing government forms used for security clearances, known as SF86 questionnaires, which contain the private information of multiple family members and associates for each government official affected, these officials said.
China has stolen personal information on countless Americans with Top Secret security clearances – including their social security and passport numbers; the names and addresses of all their relatives; every place they have ever lived, worked or gone to school; details of their military service (including whether they worked in intelligence); all the people they “know well,” including their “foreign contacts,” “foreign activities” and “foreign travel”; all the details of their “psychological and emotional health” including any mental health treatment they have ever received; any police records they may have “regardless of whether the record in your case has been sealed, expunged, or otherwise stricken from the court record, or dismissed”; details of any “non-criminal court actions”; any “illegal use of drugs and drug activity” as well as “use of alcohol”; details of any previous background investigations; as well as detailed financial records, including any past bankruptcies, among other information – in other words everything a foreign intelligence service would need to blackmail those holding America’s most sensitive secrets.
People working for our freedom radios, including Radio Free Asia, who broadcast into China using aliases have had their real identities (and the identities of their family members in China) stolen.
One retired four-star general and cybersecurity expert described the OPM hack to me as a “Cyber 9/11” – an attack of unprecedented magnitude and devastation.
So the question is: Will Beijing pay a price for crossing Obama’s cyber red line? Will the president impose the sanctions that he announced with such fanfare only a few months ago? Or will China learn that it can get away with defying Obama — just as Syria did when Obama drew a red line over the use of chemical weapons?
from AEI » Latest Content http://ift.tt/1JgT9ei
0 التعليقات:
Post a Comment