Risk
6/10/2013
06:41 PM
Connect Directly
RSS
E-Mail
50%
50%

U.S.-Chinese Summit: 4 Information Security Takeaways

What did the summit accomplish with regard to cyber spying and cyber attacks -- and what's left undone?

The Syrian Electronic Army: 9 Things We Know
(click image for larger view)
The Syrian Electronic Army: 9 Things We Know
Don't expect advanced persistent threat (APT) attacks emanating from China to stop anytime soon.

During a historic, two-day summit last week, President Barack Obama and Chinese president Xi Jinping spent eight hours discussing numerous issues of mutual concern. Results included new agreements on greenhouse gas emissions and North Korea; plans to run a joint naval exercise next summer; and, for Xi, the gift of a bench made of redwood.

But absent from the summit was any resolution regarding U.S. government allegations that APT groups operating from China have been waging a sustained and successful online industrial espionage campaign against U.S. government agencies and businesses, including defense contractors.

[ China accuses the U.S. of the same cyber intrusions. Read China To America: You Hack Us, Too. ]

The White House did, however, address information security concerns during the summit. Here are the takeaways:

1. Chinese Now More Aware, Says White House

Simply put, the White House had little to show on the information security front after the two-day talks in California, which began Friday. "The President made clear the threat posed to our economic and national security by cyber-enabled economic espionage," said the President's national security adviser, Tom Donilon, in a press briefing Saturday. "The President underscored that resolving this issue is really key to the future of U.S.-China economic relations."

2. White House Continues To Pursue Diplomacy

Still, some progress has been made. Donilon said that a three-part diplomatic strategy, hammered out in March 2013, had to begin by first getting China to even discuss cybersecurity, which it previously hadn't done. "I think this concern is acknowledged at this point," he said.

Second, the White House has asked China to investigate industrial espionage operations being run from inside its borders, "and the Chinese have agreed to look at this," Donilon said. Finally, he said that China agreed "to engage in a dialogue with the United States on norms and rules -- that is what is acceptable and what's not acceptable in the realm of cyber." The presidents also agreed to the creation of a cybersecurity working group that will begin meeting in July, and meet regularly thereafter.

3. China Talks Cybercrime Generalities

China has previously responded to allegations leveled by the U.S. government -- that the Chinese government supports a number of APT attack groups -- by saying that China gets hacked too, and President Xi reportedly emphasized that again during the summit.

But Donilon said the White House has been attempting to push beyond bland generalities about global cybercrime. "The discussion that we're having with China with respect to this topic is really not focused on cyber hacking and cybercrime," he said. "These are problems that we've faced and we've faced jointly."

"The specific issue that President Obama talked to President Xi about today is the issue of cyber-enabled economic theft -- theft of intellectual property and other kinds of property in the public and private realm in the United States by entities based in China," he said Saturday.

4. Chinese Media Downplays Cyber Angle

Diplomatically speaking, China is now striking a more conciliatory cybersecurity note, with government officials at least mentioning the word publicly. "At this summit, Xi told Obama that cybersecurity should be a new highlight of bilateral cooperation instead of a source of suspicion and friction," said China's official Xinhua News Agency. "They agreed to strengthen dialogue, coordination and cooperation through the already-established cyber working group."

But in recent days, multiple official Chinese press outlets have suggested that the U.S. media has been obsessing over information security. For example, political science professor Zhu Zhiqun at Bucknell University in Lewisburg, Pa., told the state-owned China Daily that many Western media outlets had focused on cybersecurity "without a proper understanding of the complex relationship between the two great powers."

"Cybersecurity is hardly a major issue between the two countries," claimed Zhu.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-3345
Published: 2014-08-28
The web framework in Cisco Transport Gateway for Smart Call Home (aka TG-SCH or Transport Gateway Installation Software) 4.0 does not properly check authorization for administrative web pages, which allows remote attackers to modify the product via a crafted URL, aka Bug ID CSCuq31503.

CVE-2014-3347
Published: 2014-08-28
Cisco IOS 15.1(4)M2 on Cisco 1800 ISR devices, when the ISDN Basic Rate Interface is enabled, allows remote attackers to cause a denial of service (device hang) by leveraging knowledge of the ISDN phone number to trigger an interrupt timer collision during entropy collection, leading to an invalid s...

CVE-2014-4199
Published: 2014-08-28
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.

CVE-2014-4200
Published: 2014-08-28
vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive.

CVE-2014-0761
Published: 2014-08-27
The DNP3 driver in CG Automation ePAQ-9410 Substation Gateway allows remote attackers to cause a denial of service (infinite loop or process crash) via a crafted TCP packet.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.