Operating, but not with confidence
The news that Google and 30 other U.S. companies were victims of “highly sophisticated and targeted attacks” is not new or surprising. Cyberattacks have been increasing in scope and sophistication for more than 15 years. What is interesting is the direct challenge by the U.S. Secretary of State, Hillary Clinton, and what this event reveals.
On January 12th, Mrs. Clinton stated the following:
"We have been briefed by Google on these allegations, which raise very serious concerns and questions. We look to the Chinese government for an explanation. The ability to operate with confidence in cyberspace is critical in a modern society and economy."
This statement is a direct challenge to Beijing, which in the art of statecraft, is both bold and stern. There are only a handful of times the United States publicly confronted Beijing leadership on matters of cybersecurity. Though Mrs. Clinton’s challenge likely will be brushed aside by Beijing, the kerfuffle is evidence that cyberspace conflict is heating up. At root, insecure software.
Quoting ComputerWorld:
Sources familiar with the situation say that more than 30 U.S. companies, including Adobe Systems, were hit by this targeted attack, which Google first discovered in mid-December. Using an attack that exploited an unpatched bug in widely used software, the attackers were able to gain footholds in these companies and siphon out valuable intellectual property [my emphasis].
Google is right to call foul and Mrs. Clinton is correct to challenge Beijing, but the United States is equally remiss in failing to directly challenge a cold hard fact: preventable vulnerabilities in our own software are undermining our "ability to operate with confidence in cybersapce." Beijing deserves to be scolded; they are not the only ones.
Comments