To distract attention from having fired one fifth of the army, the Conservative defence secretary Phil Hammond needed something positive, whizzy and modern to tell his party members (average age: 68) at their conference last weekend. What better than to announce how go-ahead Britain is in all things cyber and defence? Well, he went one better, and announced that the UK will soon have the power that dare not speak its name; cyber strike capability.
You see, just as ‘everyone knew’ that the NSA was eavesdropping on all manner of phone and Internet traffic, including that of the US’s supposed allies, everyone also knows that the US, Russia, China, Israel, Iran– and probably North Korea if they can string together some cast-off Lenovo servers with galvanised wire – everyone is developing and has in some manner already deployed the ability to attack other countries’ critical networked infrastructure. It’s just that no one wants to admit to it.
Yes, the US’s bashful aw shucks ‘we sure would love to have invented Stuxnet, it’s so dang smart’ wink wink nudge nudge routine as good as confirmed that American cyber strike capability (with a little help from Israel) is not just a war-game scenario. And yes, the Russian state via its proxies knocked out most of Estonia’s official web presence and e-government capability six years ago already, by way of a stern warning to NATO that pre-dated the whole Georgia / Ossetia thing. But the difference is these members of the club only boast about it in semi-private, and to people whose access to information and continued relationships depend on their ability to hug the secrets close and only dispense them in a roundabout fashion and after the fourth drink. The first rule of fight club, and so on.
The reason for this false modesty being, only Bad Guys launch cyber attacks. So everyone is allowing everyone else to pretend they are only developing defence capability, and would never do anything so hostile as to prepare an attack. It’s a bit like the Cold War, except with missile defence but no missiles. (Which is just as well, as parading across Red Square behind a couple of Dell servers is not very stirring.)
Why so coy? Partly because cyber attacks focus not just on military targets but on infrastructure such as energy or financial centres. Attacking purely civilian targets is verboten, and this international agreement has recently been stretched to cover networked assets, not just physical ones. And partly because if another country admits to committing an act of war against you, it puts you in the rather awkward position of having to retaliate. Plausible deniability works both ways.
So Hammond’s entirely willful statement that the UK is developing “full spectrum military cyber capability, including a strike capability” must have come as an unwelcome surprise to the Foreign Office and security services. Truth be told, Hammond’s intended audience was wider than Sunday’s blue rinses. Just as in the US, cyber-defence was the cue for a massive bun-fight on turf and cash between intelligence agencies and the military, Hammond is getting his lumps in first. He simultaneously announced the creation of a rather unfeasible sounding cyber-defence reserve.
Hammond’s astonishing faux pas is probably not bad domestic and intramural politics for him, but it creates a bigger problem for the UK. Do (publicly)-as-you-would-be-done-by has been till recently a pretty good approach to all things cyber and international. But Snowden blew a lot of that useful hypocrisy away. Much of Britain’s laudable public positioning on the open Internet, freedom and security is now hollow.
Consider this speech by Foreign Secretary William Hague a year ago on why the UK and other states need to beef up their security;
“In another case, a large international manufacturer was targeted during a period of negotiation with a foreign government. We do not know how the company’s networks were initially penetrated. But the company later identified that the hackers had accessed the accounts of the company’s entire leadership team during the negotiations. Their significant commercial interests were clearly threatened by this loss of confidentiality.
Attacks of such scale and severity continue to compromise many millions of pounds of investment in research and development, damaging a company’s ability to defend its Intellectual Property Rights and wiping away years of sensitive negotiations and commercial positioning. If these attacks are left unchecked they could have a devastating impact on the future earning potential of many major companies and the economic wellbeing of countries.”
All very reasonable as a cause of concern until you roll forward twelve months and think; Petrobras, Brazil, Roussef. Pot. Kettle. Black.
So when it comes to intentionally blowing away the useful hypocrisies* that kept the world of cyber diplomacy spinning round, Phillip Hammond has a lot in common with Edward Snowden.
The problem now is that the Russians and Chinese gained endless rhetorical cover both to retaliate against us and further develop their own bowdlerised Internets as technologies of political control. Rhetoric has real-life consequences, and the long game they are playing at the UN to win allies and exert intergovernmental control over the global Internet has been given a massive boost.
On one hand, Hammond’s punchy and self-serving revelation undercuts the ability of the UK to pursue with a straight face its current line on Internet openness and security. That hurts all of us working for a global, end to end network where permission to innovate – technologically and politically – is baked in to the protocols.
On the other hand, maybe it’s time to end the phoney war and bring into the relative open the process to spell out and agree how nation states will conduct themselves offensively and defensively in cyber space.
* Henry is co-writing an article on Snowden and the useful geopolitical hypocrisies he’s exposed, and I’ve borrowed the phrase.
{ 50 comments }
Manta 10.02.13 at 10:20 am
Was this a post meant to criticize Phil Hammond?
Good riddance to “useful hypocrisies”, and good riddance to 1/5th of the army.
Manta 10.02.13 at 10:34 am
Moreover, moving from “killing people and blowing shit up” to “making computer viruses, hacking company and government servers, and disrupting infrastructure” seems to me a huge improvement.
Case in point: Stuxnet (it is true that killing scientists was also involved in that case, though).
Maria 10.02.13 at 10:41 am
You may feel differently about that when the lights go out: http://www.channel4.com/programmes/blackout
SusanC 10.02.13 at 10:43 am
There is some considerable doubt that “cyber war” can be anywhere near as effective as more conventional forms of warfare such as guns and explosives.
Cyber attacks have two interesting characteristics:
– Likelihood of going out of control and hitting unintended targets. Stuxnet went out of control and infected computer systems in other countries. Oops: the US just commited an act of war against Germany, if you consider these things to be acts of war. Better keep quiet that you did that. The out of control stuxnet did not, of course, cause mass civilian casualities in Germany — see the above doubt about the general effectiveness of cyber attacks.
– Difficulty of attribution. One of the main advantages of cyber attacks is that it’s hard to be sure who did it. So you’d mostly use them when you wanted to be able to deny having commited an act of war against another nation state. And if that’s your use-case, you’ld probably want to keep a bit quiet about having done it.
Manta 10.02.13 at 10:48 am
I remember that at the time one of the main alternatives to Stuxnet was war (and not of the “cyber” variety): or have we forgotten a certain presidential candidate singing “bomb Iran”?
guthrie 10.02.13 at 12:13 pm
Once upon a time there was a country where politicians used to announce things that were or were going to become government projects, which meant that companies who were interested in bidding for such projects knew just who to contact and bribe, or else it worked as a form of signalling that the politician in charge reckoned they had a good chance of getting such work going if they spoke nicely to the other politicians. One of the methods of reward was ensuring that when politicians retired, they got well paid jobs as executive directors or special assistants or work as consultants.
SusanC 10.02.13 at 12:33 pm
@Manta. I basically agree with you here. Based on all known incidents to date, “cyber” weapons are much less destructive than most other forms of military action. So while this means that a significant amount of what is being said about “cyber war” is just hype, its also a positive sign that the military is moving to technologies that are much less destructive (but still serve the politically necessary function of keeping the money flowing to the DoD/MoD and their contractors). It’s a sign that the political will for actual war isn’t there.
P.S. I have Thomas Rid’s “Cyber War will not take place” on my desk at the moment. I haven’t finished reading it yet, but my initial reaction is that Baudrillard inspired ideas of simulation (note the obvious allusion to “The Gulf War did not take place” in the title) and Clauswitz do not mix together very well…
Ronan(rf) 10.02.13 at 1:42 pm
SusanC
Have you ever read Antoine Bousquet’s The Scientific Way of War ?
It’s one of the few books Ive read on the topic, (how technological and scientific advances change war), and I found it interesting, but I wondered what those more well read on the topic made of it..
Barry 10.02.13 at 2:12 pm
Susan C: “Based on all known incidents to date, “cyber†weapons are much less destructive than most other forms of military action. ”
If one assumes that cyberwarfare is in its infancy……………….
Zamfir 10.02.13 at 2:25 pm
Presumabky a major aim of cyberwarfare is to hinder an enemy while you are also having old-skool war with them. In that sense, the current non-lethality of it mostly means that it hasn’t seen much use yet in the kind of conflicts where people get killed. Not that it is intrinsically less lethal.
hix 10.02.13 at 2:45 pm
So whos controling the internet now? The US? The UK? Google? Facebook? AT&T? And how is that any better than UN control?
Substance McGravitas 10.02.13 at 2:47 pm
Stuxnet was designed to do a few things, one of which was to ruin centrifuges. Was it effective as it was? Of course. Did Stuxnet go in a few other directions? Sure! But the other thing it was designed to do was pass along information, and more information appears to be a good thing to the spooks concerned. An out-of-control Stuxnet is icing on the cake, not failure.
Bye Fred Pohl, thanks for The Cool War.
Cian 10.02.13 at 2:48 pm
The only reason that you could potentially take down power stations is that their security is ludicrously lax [1] (they put computers on the internet that have no business being there in the first place). However it’s very hypothetical, given the hodgepodge of systems that hold these things together. The solution would be to make power companies take their security responsibilities seriously – but good luck with this.
[1] This also applies to physical security.
Cian 10.02.13 at 2:49 pm
And yeah, I didn’t have a problem with downsizing the armed forces. The way it was done – yeah, stupid and wasteful. But that’s a different argument
Adam 10.02.13 at 3:17 pm
Agreeing with Cian – until our brains are hardwired into networking technology, I won’t fear “offensive cyberstrike capability” – even most examples cited in this post are just corporate espionage. Warfare is a poor metaphor for IP theft, I think.
And, if critical infrastructure like power plants were taken down, blame should lie with the business in charge of keeping it running, not justify military power to do the job for them – of course, it would be good for business if they did. At least in the US, “cyberwarfare” is just one more name for the dovetailing interests of government and business – just hype to drive and protect investment.
Adam 10.02.13 at 3:20 pm
(Although I would say the post’s conclusion and discussion of formerly-useful hypocrisies are points very well taken.)
Straightwood 10.02.13 at 4:28 pm
The nation states are writing their own death warrants by destabilizing the global Internet by trying to make it into a battlefield. It was famously said that “the Net routes around damage,” and the long-term political consequence of this maxim is that individuals and private organizations will increasingly seek mechanisms of global commerce and political association that bypass sovereign nations. The nation states know that this is coming and are arming themselves for pre-emptive cyber war, but every destructive move they make in cyberspace will further undermine their legitimacy as constructive actors in global society. Organizations that destroy trust and undermine productive association will end up in the dustbin of history, no matter how great their current temporal power may be.
mud man 10.02.13 at 4:55 pm
@ Maria #3:
Out here in the bushes the power goes out every winter … a couple of years ago the entire city was down for a week. Nobody liked it, and there may have been actual casualties that I didn’t hear about, but yes I would prefer lots more of that to drones overhead. Actually if it helps focus Leadership’s attention on infrastructure vulnerability, which also arises from natural causes as mentioned, it could be a constructive sort of destruction.
novakant 10.02.13 at 6:25 pm
I don’t like this line of argument: cyber warfare is better than real war, so let’s do that instead – awesome.
Where will it lead us?
The same logic could be applied to all sorts of cases:
Torture is better than killing, sanctions are better than all out war – yet they are still crimes against humanity – so how about just not doing stuff like that to others?
Pete 10.02.13 at 6:54 pm
“Cyberwar” is not going to be against other governments or infrastructure, it’s going to be a continuation of the current NSA scandal. People or organisations deemed “hostile” (i.e. opposition political parties, radicals, newspapers etc) will be hacked into and impaired.
Consumatopia 10.02.13 at 7:04 pm
The problem is that computer technology is shared between companies and across borders. Those who employ offensive cyberwarfare have an incentive to keep technology insecure. So you can’t just blame the power plant operators when the power plant is hacked–some people within our governments now have an interest in keeping infrastructure hackable.
Trader Joe 10.02.13 at 7:06 pm
Certainly the “Cyberwar” movies of the future wouldn’t be nearly as good.
Having a bunch of landing craft pull up to the beaches of Normandy to disgorge a slew of tech0-nerds with iPads who somehow manage, against all odds, to set up a WiFi tower and then hack into enemy lines just doesn’t seem very cinematic.
I’d agree with Zamfir @10 above, the point of Cyberwar capabilities would seem to be to knock out key infrastructure to make it easier to lay the wood to your ‘enemy’ (whether civilian or military) with conventional things that go boom and draw blood.
Zamfir 10.02.13 at 7:17 pm
Then again, imagine Apocalypse Now in TRON outfits.
Trader Joe 10.02.13 at 7:22 pm
The NVA could stick their captured into bamboo jail cells and then torture them….with dial-up. Oh the humanity. Waiting for page loads would be as bad as waterboarding.
Zamfir 10.02.13 at 7:28 pm
More seriously, drones are not an alternative to cyber warfare. They are more like a physical side of it. Same goes for the air defense systems that might protect you from them. Both are highly networked technologies, and the ability or disability to run such networks uncompromised might become the major factor in whether you can drone others or be droned.
Manta 10.02.13 at 7:59 pm
@21
http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html
“the agency used its influence as the world’s most experienced code maker to covertly introduce weaknesses into the encryption standards followed by hardware and software developers around the world.”
“Simultaneously, the N.S.A. has been deliberately weakening the international encryption standards adopted by developers. One goal in the agency’s 2013 budget request was to “influence policies, standards and specifications for commercial public key technologies,†the most common encryption method.”
See also for a comment:
http://www.scottaaronson.com/blog/?p=1517
And novakant@19: from Maira’s own post, the UK government downsized the army and is investing more into cyber-“warfare”: to me it seems an improvement, like sanctions ARE better than war, and world with more sanctions and less war is a better world.
Consumatopia 10.02.13 at 8:51 pm
@Manta, 26, I had exactly that sort of thing in mind. Just as people operating a surveillance network have will support weaker and flawed encryption, people engaging in offensive cyberwarfare will support weaker computer security in general. They will weaken our own infrastructure in order to make it easier to attack someone else’s.
Pete 10.02.13 at 9:05 pm
Relatedly from today’s news: http://www.telegraph.co.uk/news/worldnews/middleeast/iran/10350285/Iranian-cyber-warfare-commander-shot-dead-in-suspected-assassination.html
Increased “cyberwar” in “peacetime” is likely to lead to more of this kind of cross-border unofficial state terrorism, which is likely to make the world less stable. It will probably have an effect on trade; imported hardware and software may be sleeper agents for the exporting country.
novakant 10.02.13 at 9:33 pm
#26
You don’t what sanctions mean – they kill people, they make them suffer immensely, for years or decades, they hold millions of powerless people hostage for their leaders, they are a crime against humanity – better than war is no justification, in fact it’s an enabling tactic.
Ronan(rf) 10.02.13 at 9:43 pm
Manta, how could ‘cyberwar’ have taken the place of Iraq 2003? Or Afghanistan for that matter?
Or do you mean war between major powers? But there hasn’t been one for decades..
Surely these new tools will just exist with and shape older forms of war, like mass data mining identifying insurgent networks and then special forces acting on that information (more than likely outside of international law and proper oversight)
What is ‘cyberwar’ going to offer in this context? If anything it just offers more opportunities for conflict to escalate
Daragh McDowell 10.03.13 at 1:22 am
Great piece Maria, though I have a couple of minor queries/quibbles with this paragraph –
“Why so coy? Partly because cyber attacks focus not just on military targets but on infrastructure such as energy or financial centres. Attacking purely civilian targets is verboten, and this international agreement has recently been stretched to cover networked assets, not just physical ones. And partly because if another country admits to committing an act of war against you, it puts you in the rather awkward position of having to retaliate. ”
First – in what ways is targeting civilian infrastructure verboten? To the best of my knowledge, degrading an opponent’s war making capacity by undermining their economic infrastructure has been largely accepted as fair game in warfare since the advent of ‘total’ war. Cold War deterrence policies on both sides were based more on threatening factories and office blocks than barracks and airfields. Even undermining the morale of the civilian population through terror bombing maintained respectability once it was rebranded as shock and awe. Not trying to score points – genuinely wondering if I’ve missed an important agreement, or if I’ve just misread you somehow.
Second – there may be a real problem with equating attacks on intangible networked assets with physical ones, and not only for the differences in overall destruction others have discussed above. This is especially true in a scenario like the William Hague example you cite. The company in question is a private entity, and one without any particular state allegiance as it is a multinational (even if it is being implicitly supported by the UK.) Now it’s physical assets have to exist in actual states, and any attack on them would be a clear act of war against the state in question – after all, it’s monopoly on violence in the territory in question has been directly and unquestionably challenged requiring response. But the company’s intangible assets, by definition, exist outside of spaces where any state can legitimately claim that monopoly, and if the company is truly international no state has any obligation to expend resources to protect it. The company’s interests are private, and an attack on them is not necessarily an attack on anyone else. Put more simply, if Russia scud-whips an (for our purposes, empty) BAE flight testing facility in Gloucestershire, that’s indisputably an act of war. But what if Russia forces the facility to shut down by screwing with BAE’s offshore bank-accounts? There’s not much difference here, but for all sorts of reasons I expect that both British policy makers and the public generally would regard both events very differently. So even if the act became public knowledge, it would (I think) be placed in a different category to ‘acts of war’ making a response less ‘necessary.’
I’m not sure if I’m missing some key points here, and would be glad to be corrected if I have. But I’m starting to wonder if conceptualising cyber-attacks in the same way as (to use some obnoxious jargon) kinetic attacks from the policy/political standpoint might not be terribly useful. Maybe we need entirely new terms?
bad Jim 10.03.13 at 6:27 am
Brian Beutler at Salon suggests that we may soon be seeing some cyber civil war:
Substance McGravitas is dead on with the Fred Pohl mention.
Ronan(rf) 10.03.13 at 1:07 pm
“First – in what ways is targeting civilian infrastructure verboten? To the best of my knowledge, degrading an opponent’s war making capacity by undermining their economic infrastructure has been largely accepted as fair game in warfare .. ”
They’re two different things though, arent they? – attacking civilian infrastructure during a war (which can often be said to have some military objectives in the context of the war) and attacaking *purely* civilian infrastructure during peacetime (Or concentrating solely/primarily on civilian infrastructure)
I dont know to what extent attacking civilian infrastructure specifically is verboten by international laws/norms, but the context is important
Ronan(rf) 10.04.13 at 12:26 am
Have a look here, (book at bottom of page)
pgs 104 on (particularly pages 110 -124)
http://www.ccdcoe.org/249.html
Seems it’s, ambiguous?
Chaz 10.04.13 at 12:36 am
Electronic attacks are not necessarily an alternative to traditional warfare. Russia launched electronic attacks against civilian targets in Estonia in retaliation for Estonia moving a statue in an Estonian city. There’s no way Putin would have ordered a bombing or a land invasion against a NATO member or even non-member over petty nonsense like that. In that case the attacks were used where Russia would have traditionally used symbolic diplomatic actions–cancelling a summit, sending a letter, withdrawing or expelling an ambassador.
The stakes are so low with electronic attacks that politicians are eager to play stupid games with them for domestic political purposes. But since they cannot hold territory or overthrow governments they are still not a replacement for conventional weapons. It’s like mutually assured destruction turned upside down.
Andrew F. 10.04.13 at 12:10 pm
I have a slightly different view on this.
Governments have spoken little about their offensive cyberwarfare capabilities because they can. Development of such capabilities are more easily kept secret, and there’s no need to advertise to a future opponent what he may have to consider in his planning. The truly important cyber capabilities – the ability to develop intelligence on important variables, and penetrate and degrade an adversary’s C4ISR – aren’t new concepts and aren’t considered only the tools of bad guys.
The less savory cyberwarfare possibilities considered – electrical grids malfunctioning and such – aren’t talked about as much by governments because they’re not as important or valuable as more conventional military means of nudging an electrical grid offline. And in fact the US has made quite clear that they will consider such forms of cyber-attacks to be the equivalent of conventional acts of war – meaning, as one unnamed Pentagon source put it, “if you shut down our power grid, maybe we’ll put a missile down one of your smokestacks.”
Re Petrobras, collecting economic intelligence and conducting commercial espionage are not the same thing. It may be important, for many reasons, to know the fortunes of an important state oil company like Petrobras. That information would play a role in assessing a state’s geopolitical position, and may be used in a more granular sense to assess the likely future paths of individual players and groups within a state’s power structure.
So, in that case one is collecting intelligence on an economic entity, but for the purpose of informing government consumers who will make decisions concerning national security.
Commercial espionage also involves the collection of intelligence on an economic entity, but for the purpose of informing consumers who intend to use that intelligence for private economic enrichment. Nothing has shown the US to be engaged in commercial espionage, and it’s been standing policy (as far as I’m aware) for the US Intelligence Community NOT to undertake commercial espionage.
The purpose for which information is collected, how the information collected is used, and the institutional framework surrounding that collection and use, are all important. I don’t think Britain’s surveillance capabilities have diminished the expression of any ideas on the internet. By contrast, PRC surveillance capabilities are used to actively suppress the views of a very large portion of the world’s population. Purpose, use, and institutional framework matter.
bob mcmanus 10.04.13 at 12:22 pm
Iran Cyberwarfare Czar … found with two bullet holes near his heart, one day ago.
Is this on topic?
Ronan(rf) 10.04.13 at 12:32 pm
There was an interesting article about GCHQ byt John Lancaster in the Guardian the other day
http://www.theguardian.com/world/2013/oct/03/edward-snowden-files-john-lanchester
Manta 10.04.13 at 12:51 pm
“Commercial espionage also involves the collection of intelligence on an economic entity, but for the purpose of informing consumers who intend to use that intelligence for private economic enrichment”
Based in this criterion, China spying on US companies and giving the information to help state-owned Chinese companies would not be engaging in commercial espionage, since it’s not used for “private economic enrichment”.
“it’s been standing policy (as far as I’m aware) for the US Intelligence Community NOT to undertake commercial espionage.”
Evidence?
The US secretary of state publicly condemned cyber-warfare, while the US was engaging in it against Iran.
On the other hand, we do know that US was (and probably is) spying on Chinese universities.
hix 10.04.13 at 1:02 pm
Industrial espionage is outright official US policy. Its not even a secret and we are talking about the paranoid secret service here. How ridiculous to claim the contrary. Companies usually dont anounce it when they fall victim. For a somewhat publiced affair, see Enercon, where the secret service gave plans to an US competitor, who made them an US patent and sued enercon for patent infringement. The result, btw is that enercon is now the worst patent troll and does not deliver their supiror products to the US. The competitor is bancrupt.
Manta 10.04.13 at 1:02 pm
Chaz@35:
“Electronic attacks are not necessarily an alternative to traditional warfare. ”
I agree that in general this is not the case.
However, in her post Maria explained that UK *is* moving from traditional warfare to electronic attacks: maybe that was not her intended message, but it is the natural conclusion from what she wrote: donwsizing the army and putting more power into cyber-warfare.
And therefore I think Phil Hammond is to be lauded.
Ronan(rf) 10.04.13 at 1:09 pm
Yes Manta that could be seen as the point if you read completly out of context and took everything *super literal* ; )
Mao Cheng Ji 10.04.13 at 1:17 pm
What about this one, oldie but goodie, 1982:
http://en.wikipedia.org/wiki/Siberian_pipeline_sabotage
Ronan(rf) 10.05.13 at 11:01 am
If no one minds me asking, does anyone have any recomendations on what to read on internet freedom etc (preferably an introduction, non jargony but covering all the important bases? – especially dealing with the battle between corporations, governments and activists for control of the internet)
Ronan(rf) 10.05.13 at 11:13 am
And I’ll offer up this reading list on cybersecurity I found recently to anyone interested
http://www.whiteoliphaunt.com/duckofminerva/2013/08/what-should-you-read-on-cyber-security.html
Andrew F. 10.05.13 at 12:32 pm
hix @40: Industrial espionage is outright official US policy. Its not even a secret and we are talking about the paranoid secret service here. How ridiculous to claim the contrary. Companies usually dont anounce it when they fall victim. For a somewhat publiced affair, see Enercon, where the secret service gave plans to an US competitor, who made them an US patent and sued enercon for patent infringement.
Enercon was sued for patent infringement, and in defense claimed that a source in the US government told them that their designs were stolen by the US government (because wind turbine designs are undoubtedly a target of US intelligence agencies) and given to a competitor, who then filed a patent. They have offered no evidence whatsoever of this claim. Worse, the US patent was registered three years before Enercon claims that the espionage occurred. For a summary and citations: Enercon Patent Dispute.
Manta @39: Based in this criterion, China spying on US companies and giving the information to help state-owned Chinese companies would not be engaging in commercial espionage, since it’s not used for “private economic enrichmentâ€.
I could quibble with whether state Chinese enterprises are not run for private enrichment, but I agree that the definition should be expanded to include state owned enterprises.
Evidence?
The US secretary of state publicly condemned cyber-warfare, while the US was engaging in it against Iran.
On the other hand, we do know that US was (and probably is) spying on Chinese universities.
I honestly wonder: is there any evidence that would persuade you? First, there’s the lack of any substantiated stories of commercial espionage by the US Government. Given the number of parties with an interest in seeing such things leaked, it would be surprising if commercial espionage were a policy and yet no instance of it was ever leaked. Second, I can point you to articles like this which discuss the subject, and cite additional sources of information, but I doubt that you’d find them remotely trustworthy. Third, I could point out that the US companies are fierce competitors and that the larger ones are quite multinational; there are no obvious candidates for the US Government to choose to favor over others by bestowing stolen information, a situation unlike that in many other countries.
As to Snowden’s revelations that the NSA kept a list of vulnerable computers owned by some Chinese universities, there are plausible reasons for that list which have nothing to do with commercial espionage (e.g. the use of those computers to exploit other targets, or the involvement of those computers in Chinese government activity).
Barry 10.05.13 at 1:12 pm
Andrew F : ” Nothing has shown the US to be engaged in commercial espionage, and it’s been standing policy (as far as I’m aware) for the US Intelligence Community NOT to undertake commercial espionage.”
What’s now known is that ATT was acting as wiretappers for the DEA for 25 years or so, and that the DEA was engaged in highly illegal and perjurious use of NSA data for a while.
Considering the relative clout of Exxonmobile and Goldman Sachs……….
Manta 10.05.13 at 8:15 pm
Ronan:
http://www.europarl.europa.eu/sides/getDoc.do?pubRef=-//EP//NONSGML+REPORT+A5-2001-0264+0+DOC+PDF+V0//EN&language=EN
p102: there is a nice table with the cases of known espionage by state actors at the time: you can see that there are quite a few by US agencies; some uncovered bribes, some were IP theft, and some
Industrial espionage by US intelligence service IS LEGAL (or, at least, was at the time of the report):
p 194-195
“In response to a supplementary question from Congressman
Gibbons, Tenet admitted that there was no legal ban on the gathering of competitive intelligence; however, he saw no need for such a ban, given that the intelligence services were not involved in activities of that kind. “
Ronan(rf) 10.05.13 at 8:53 pm
Thanks for the link Manta, looks interesting Ill have a look
Though I think you meant to direct it to Andrew F? I wouldn’t make the arguments he is vis a vis commercial espionage etc (primarily out of ignorance, but also because it seems counterintuitive to me)
Manta 10.05.13 at 9:02 pm
Aw, sorry Ronan, I meant Andrew (but given your request you may be interested in the link).
Comments on this entry are closed.