Experts: US Must Be Ready for Cyberwar

January 17, 2019 Updated: January 17, 2019

WASHINGTON—The United States is at the beginning of an era of cyberwarfare with China and several other adversaries, and needs to take vigorous actions to fight and win this war, two Justice Department (DOJ) experts said.

Referring to the national security threats in cyberspace the United States is facing, John Carlin, former assistant attorney general in the DOJ’s National Security Division, said: “We are at the beginning of this space. And we are still feeling out what red lines look like. But it’s begun.”

John Demers, assistant attorney general, National Security Division, said: “There is a lot going on in this space. Just keep your eyes open. We are not talking about history. We are talking about the present and the future.”

Carlin published the book “Dawn of the Code War” last October to discuss the rise of cyber threats from U.S. adversaries, and the strategies that have been developed to combat them. He and Demers appeared at a panel named after his book at the Center for Strategic and International Studies on Jan. 15.

Demers shared some behind-the-scenes stories about some of the attacks.

“What they are stealing is not national secrets. It is things like email telling the pricing for a solar company, so they could price dump, right below what that solar company could bear,” he said.

“And then, to add insult to injury, after that solar company went bankrupt, and sued for unfair trade practices, they stole the whole litigation strategy out from under them.

“And we put together an attachment showing when this activity happened. From 9 a.m. in the morning, until around noon, it spikes. It decreases from noon to 1 p.m.: lunch break. It increases again from 1 to 6 p.m. It decreases overnight, on weekends, and on Chinese holidays.

“So the former prosecutor and I would say, ‘Circumstantial evidence: This is coming from China.’ ”

Demers said that in the last eight years, 90 percent of the DOJ’s cases alleging economic espionage involve China.

“There is an international norm, that is, the intelligence agencies [of] countries do not steal commercial and intellectual property. Period. We don’t do it.

“The reason I know that there is an international norm is that in the last eight years, 90 percent of the economic espionage cases we have charged involved one country, and that’s China. Which means the rest of the world isn’t doing it, either,” Demers said.

In a Senate hearing on “China’s Non-Traditional Espionage Against the United States: The Threat and Potential Policy Responses” in December, the People’s Republic of China was named as the greatest threat to U.S. economy and national security.

General Keith Alexander called China’s estimated gains from economic espionage of up to $600 billion, “the greatest transfer of wealth in history.”

Indictments and Sanctions

Both Carlin and Demers said that, given the credibility of the U.S. justice system, indictment is a very good tool to tackle the problem, as it will let the American public know how serious the “code war” is.

Another good tool is sanctions.

Carlin said, “Another tool that I think is not being used enough, which was signed into effect under an executive order by President [Barack] Obama, and is being signed again with the same declaration of economic emergency by President [Donald] Trump, is the executive order that allows the sanctioning not just on the cyber actors who steal information, but on the companies who benefit from the stolen secrets.”

On April 1, 2015, Obama signed an executive order “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” authorizing targeted sanctions against individuals or entities whose actions in cyberspace result in significant threats to the national security, foreign policy, economic health, or financial stability of the United States.

In 2015, Obama and Chinese leader Xi Jinping reached an agreement, in which “the United States and China agree that neither country’s government will conduct or knowingly support cyber-enabled theft of intellectual property, including trade secrets or other confidential business information, with the intent of providing competitive advantages to companies or commercial sectors.”

However, Demers said that it was very frustrating that instead of abiding by the agreement, “some countries are providing a safe harbor, at best, to criminals, and worse, are working with those criminals.”

On Dec. 20, 2018, the United States charged two Chinese hackers associated with the Ministry of State Security in China with an extensive global computer-intrusion campaign carried out over more than a decade.

Demers said the significance of the case was that it was the first indictment against Chinese hackers after the Obama–Xi cyber agreement.

Demers said he hopes the indictment could lay a foundation for later groundwork for other agencies, so they could use their authority to shine a spotlight on this. It could also help members of Congress become aware of these activities.