China’s cyber escalation

MYRNA BROWN, HOST: It’s Thursday the 9th of January.

Thanks for listening to WORLD Radio! Good morning, I’m Myrna Brown

MARY REICHARD, HOST: And I’m Mary Reichard.

First up on The World and Everything in It: Chinese cyber hacking.

Last week, reports came out that Chinese hackers had infiltrated the U.S. Treasury Department, possibly accessing information about sanction plans and data about the American economy.

BROWN: But that’s just the latest in a year of Chinese hacking operations. So far, they’ve planted malware in infrastructure and gathered data from the biggest phone companies for months without anyone noticing, and those are just the ones in public record.

How should the U.S. respond? Here’s WORLD’s Mary Muncy.

GLENN GERSTELL: This isn't a case of just a burglar going down a block trying every front door handle.

MARY MUNCY: Glenn Gerstell works with the Center for Strategic Studies and has served as the General Counsel of the National Security Agency.

GERSTELL: This instead, is very sophisticated.

Over the past year, maybe year and a half, Gerstell says China has been upping its cyber maliciousness. And three big hacks stand out.

GERSTELL: The Salt Typhoon attack on the telecom systems and the so called Volt Typhoon, which was the attacks on infrastructure in Guam.

And of course, the hack on the U.S. Treasury Department.

In the case of Salt Typhoon, hackers got into U.S. telecom agencies, stealing data from thousands of Americans, but two of their main targets were President-elect Donald Trump and his vice president.

Gerstell says that to be 100 percent sure they removed the hackers, they’d have to remove the physical piece of equipment and replace it with something new. But if the hackers are smart, they’ll cover their tracks and hide their code in a router or modem somewhere, where no one will look.

GERSTELL: If you think of a burglar breaking into your house and then sort of tracing the steps and dusting it back so you can't figure out the footprints or fingerprints. Well, they did the cyber equivalent of that in a very, very sophisticated way.

It’s the same thing in Volt Typhoon. Where hackers infiltrated American infrastructure and planted malware, but as far as we know, haven’t done anything with it.

It’s like breaking into a house only to unlock the back door and leave.

GERSTELL: They just lay low and came back every few months to make sure that the door was still open.

And that creates the conditions for an even more sophisticated kind of operation.

GERSTELL: Supply chain attacks.

That’s how the hackers got into the Treasury Department. They infiltrated a third-party vendor, and when they interacted with the Treasury, the hackers got in with very few warning signs.

The bad news is, no one is sure whether the hackers are still in the system or not… especially in the case of the telecom agencies.

GERSTELL: Maybe you heard one or two strange noises in the attic, but when you went up to check there was no one there. But on the other hand, you didn't really see anyone leave the house.

The FBI’s cyber unit has assured officials that no other federal agencies were hacked, at least as far as they know.

And so far, the Chinese government says they haven’t sanctioned or helped any of these hacks.

GERSTELL: And the question is, what is our counter-response?

In the past, the U.S. has imposed sanctions and maybe expelled a diplomat. After the recent treasury hack, the government did levy sanctions on a Beijing-based cybersecurity company.

GERSTELL: But we have to be really careful. We don't want to escalate, we don't want to provoke, we don't want to get into a full, full out cyber war.

Gerstell says hacking on some level is a tit-for-tat operation. Yes, the Chinese likely have access to our energy grid. But we also have access to theirs. Yes, there are a lot of spying operations going on, but we’re doing the same thing, and we may be more vulnerable than they are.

GERSTELL: The argument is, if you live in a glass house, you shouldn't throw stones.

But some believe throwing stones may be the only way to fix the problem.

FURCHTGOTT-ROTH: If we're a nation of laws, we ought to hold wrongdoers accountable.

Harold Furchtgott-Roth is a fellow with the Hudson Institute. He says that instead of punishing the wrongdoer, the US has been telling companies to create better security systems.

FURCHTGOTT-ROTH: What I would call blaming the victim.

He believes the government should start imposing sanctions on China or allow reprisals from US law enforcement.

The Supreme Court has taken up a few cases this term over whether the US has jurisdiction over crimes committed against U.S. citizens abroad and whether U.S. citizens can sue bad actors abroad. Depending on how they rule, it could open the door to prosecuting crimes like hacking committed against the U.S. from other countries.

FURCHTGOTT-ROTH: Taking cybersecurity measures by themselves is not going to solve this problem. We are all vulnerable.

And to that end, the FBI is warning the public not to take any chances.

FOX: The FBI is warning Android and iPhone users to be careful when texting one another

NEWS4JAX: These hackers could potentially intercept text messages, they could even listen to your conversations on your phone.

NBC NEWS: The head of homeland security calling the threat very very serious.

Basically, the FBI is saying not to text sensitive information online without end-to-end encryption. Texting between iPhones or between Android phones has a few more hoops for hackers to jump through than basic SMS texting. Some apps also claim to be more secure.

But is that enough?

ERIC COLE: I'm Dr Eric Cole. I'm a cybersecurity professional and I am founder of Secure-Anchor.

Cole says cyber security for the average person is not about being the most secure, it’s about being just a little more secure than everyone else.

ERIC COLE: What we we call that in security, is the faster than the bear syndrome.

Basically, if two people are trying to outrun a bear, you don’t have to be faster than the bear, just faster than the other guy.

Cole says for someone like President-elect Trump, it makes sense to have a cyber security team, but for lower-profile people, the odds of being targeted directly are pretty low, so just taking some basic encryption precautions makes sense.

Switching analogies:

COLE: It's always what we call the game of leapfrog.

The bad guys are going to find a hole in the wall and exploit it. The good guys will patch it and tell others to do the same, and then the bad guys will go looking for a new hole.

COLE: It's inevitable that this will continue to happen short term because we don't have any international laws on cyber security.

It’s legal in China to hack a US company and Cole says until there are incentives to stop, whether from their own government or ours, hacking will continue.

Cyber expert Glenn Gerstell agrees and says in the meantime we need to figure out how to live with it, kind of like a chronic disease.

GERSTELL: It's never really perfect, but you can manage it and live with it and go about and have a successful life. And my guess is that we'll probably end up in some kind of, I'll sort of say, equilibrium. It's not a happy solution. I wish we could wave a magic wand and fix it, but that's just not realistic.

Reporting for WORLD, I’m Mary Muncy.

WORLD Radio transcripts are created on a rush deadline. This text may not be in its final form and may be updated or revised in the future. Accuracy and availability may vary. The authoritative record of WORLD Radio programming is the audio record.