Risk
6/10/2013
06:41 PM
Connect Directly
RSS
E-Mail
50%
50%
Repost This

U.S.-Chinese Summit: 4 Information Security Takeaways

What did the summit accomplish with regard to cyber spying and cyber attacks -- and what's left undone?

The Syrian Electronic Army: 9 Things We Know
(click image for larger view)
The Syrian Electronic Army: 9 Things We Know
Don't expect advanced persistent threat (APT) attacks emanating from China to stop anytime soon.

During a historic, two-day summit last week, President Barack Obama and Chinese president Xi Jinping spent eight hours discussing numerous issues of mutual concern. Results included new agreements on greenhouse gas emissions and North Korea; plans to run a joint naval exercise next summer; and, for Xi, the gift of a bench made of redwood.

But absent from the summit was any resolution regarding U.S. government allegations that APT groups operating from China have been waging a sustained and successful online industrial espionage campaign against U.S. government agencies and businesses, including defense contractors.

[ China accuses the U.S. of the same cyber intrusions. Read China To America: You Hack Us, Too. ]

The White House did, however, address information security concerns during the summit. Here are the takeaways:

1. Chinese Now More Aware, Says White House

Simply put, the White House had little to show on the information security front after the two-day talks in California, which began Friday. "The President made clear the threat posed to our economic and national security by cyber-enabled economic espionage," said the President's national security adviser, Tom Donilon, in a press briefing Saturday. "The President underscored that resolving this issue is really key to the future of U.S.-China economic relations."

2. White House Continues To Pursue Diplomacy

Still, some progress has been made. Donilon said that a three-part diplomatic strategy, hammered out in March 2013, had to begin by first getting China to even discuss cybersecurity, which it previously hadn't done. "I think this concern is acknowledged at this point," he said.

Second, the White House has asked China to investigate industrial espionage operations being run from inside its borders, "and the Chinese have agreed to look at this," Donilon said. Finally, he said that China agreed "to engage in a dialogue with the United States on norms and rules -- that is what is acceptable and what's not acceptable in the realm of cyber." The presidents also agreed to the creation of a cybersecurity working group that will begin meeting in July, and meet regularly thereafter.

3. China Talks Cybercrime Generalities

China has previously responded to allegations leveled by the U.S. government -- that the Chinese government supports a number of APT attack groups -- by saying that China gets hacked too, and President Xi reportedly emphasized that again during the summit.

But Donilon said the White House has been attempting to push beyond bland generalities about global cybercrime. "The discussion that we're having with China with respect to this topic is really not focused on cyber hacking and cybercrime," he said. "These are problems that we've faced and we've faced jointly."

"The specific issue that President Obama talked to President Xi about today is the issue of cyber-enabled economic theft -- theft of intellectual property and other kinds of property in the public and private realm in the United States by entities based in China," he said Saturday.

4. Chinese Media Downplays Cyber Angle

Diplomatically speaking, China is now striking a more conciliatory cybersecurity note, with government officials at least mentioning the word publicly. "At this summit, Xi told Obama that cybersecurity should be a new highlight of bilateral cooperation instead of a source of suspicion and friction," said China's official Xinhua News Agency. "They agreed to strengthen dialogue, coordination and cooperation through the already-established cyber working group."

But in recent days, multiple official Chinese press outlets have suggested that the U.S. media has been obsessing over information security. For example, political science professor Zhu Zhiqun at Bucknell University in Lewisburg, Pa., told the state-owned China Daily that many Western media outlets had focused on cybersecurity "without a proper understanding of the complex relationship between the two great powers."

"Cybersecurity is hardly a major issue between the two countries," claimed Zhu.

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-0360
Published: 2014-04-23
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

CVE-2012-1317
Published: 2014-04-23
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.

CVE-2012-1366
Published: 2014-04-23
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.

CVE-2012-3062
Published: 2014-04-23
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.

CVE-2012-3918
Published: 2014-04-23
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.

Best of the Web