5/8/2013
05:03 PM

Senate Bill Calls For 'Watch List' Of Nations Cyberspying On U.S., Trade Sanctions

China faces increasing political pressure from the U.S. to curb its cyberespionage activity, but legislation not certain

In a week that began with the rare move of the Pentagon calling out the Chinese government and military for attacks on U.S. government networks, some key senators have drafted a bill that would create a watch list of nations conducting cyberespionage against the U.S., and spell out just what technologies and products are being stolen -- as well as which foreign firms benefit from the intellectual property stolen from the U.S.

The bipartisan bill, co-sponsored by Sens. Carl Levin, D-Mich.; John McCain, R-Ariz.; Jay Rockefeller, D-W.Va.; and Tom Coburn, R-Okla., is the latest move by the U.S. to ratchet up pressure on China, which has been outed as one of the world's biggest cyberespionage actors. China, in typical fashion, yesterday shot down the Defense Department's claims of cyberspying, calling them "irresponsible and harmful" and denying any state-sanctioned hacking.

The Deter Cyber Theft Act specifically requires the U.S. National Director of Intelligence to create a "watch list" of nations engaged in cyberespionage activity against the U.S. and a priority list of the "worst offenders." It also calls for an accounting of the U.S. technologies or IP that were targeted, as well as a list of stolen information and the resulting products the information helped build, plus a list of the foreign companies that "benefit from such theft."

Under the bill, the president would block the import of products that contain stolen U.S. intellectual property as well as products from state-owned companies on the priority watch list.

"It is time that we fought back to protect American businesses and American innovation," said Sen. Levin, the chairman of the Senate Armed Services Committee, in a statement. "We need to call out those who are responsible for cyber theft and empower the president to hit the thieves where it hurts most – in their wallets, by blocking imports of products or from companies that benefit from this theft."

But legal experts say passage of The Deter Cyber Theft Act is no sure thing, especially after Congress's failure to pass a cybersecurity bill last year. But ever since the release of the Mandiant report in February, which offered the first real evidence of a long-suspected Chinese military link to cyberespionage against U.S. firms, Chinese cyberespionage has been all the talk in Washington. So the timing may be better for this bill, says Stewart Baker, partner in the Washington office of Steptoe & Johnson LLP and a former Department of Homeland Security official.

"This is potentially a big deal for two reasons: First, it is an effort at deterrence of cyberespionage, which is quite different," Baker says. "Second ... it's a very serious potential sanction, saying they are going to refuse permitting imports from products from state-owned enterprises that are benefiting from cyberespionage. That could transform many markets."

The devil's in the details, of course. Just how the feds would be able to procure evidence of a foreign company benefiting from stolen U.S. intellectual property is unclear, Baker notes. "There are also uncertainties on how evidence can be obtained and whether the president is really willing to disrupt trade in that way. But it puts a very big card on the table."

Kristen Verderame, CEO of Pondera International and an attorney, is skeptical the Senate bill has a chance of passing, and says she thinks the sponsors didn't necessarily expect it to, either. "I don't think it was intended to go anywhere necessarily. It was to put a marker in the road," Verderame says. If the sponsors were confident they could pass actual legislation, they would have pulled together other committees and stakeholders, she says.

"These guys are passionate about cybersecurity. They want to do something. They feel like they need to make a statement and show they are serious about cybersecurity," she says. "In terms of any realistic hopes of anything passing [at this time], it's pretty slim."

Congress is still reeling from the failed attempts at a national cybersecurity law, and the climate just isn't right for getting the latest bill through, either. "Last year, [cyberespionage] was fresh and new. People are getting tired, so now it's turning to China-bashing," Verderame says.

Even so, she says, the more discussion and attention given the cyberespionage problem, the better. "The more noise out there, the better it is" for stronger action, she says.

[New research from multiple sources illustrates dominant role of China in cyberespionage. See Chinese Cyberespionage: Brazen, Prolific, And Persistent.]

Chinese actor groups made up 96 percent of all cyberespionage cases investigated last year, according to Verizon's latest Data Breach Investigations Report. About one-fifth of all breaches in the report were Chinese cyberespionage-based.

"Our economic prosperity and national security depend on bolstering our cybersecurity, and this bill is a crucial component of that effort," bill co-sponsor Sen. Rockefeller said in a statement. "We must cut the demand for stolen trade secrets by holding countries who engage in cyber theft accountable for their illegal activities and by preventing products that use stolen information from entering the U.S. market. Alongside other cybersecurity priorities – including stronger cybersecurity standards, cyber workforce training, R&D, and public-private information sharing -- this bill to elevate cyber theft as a national security priority is a major step forward for American workers, American businesses, and American ingenuity."

Kelly Jackson Higgins is Executive Editor at DarkReading.com. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ...

Comments
PJS880,
User Rank: Ninja
6/16/2013 | 2:55:03 PM
re: Senate Bill Calls For 'Watch List' Of Nations Cyberspying On U.S., Trade Sanctions
I am very certain that the Department of Defense would make a claim without full evidence of backing up their claim. Furthermore DOD would not be so bold as to accuse another government of cyber espionage. I am surprised that there is currently not a list that exists already, sort of troubling, don't you think? I do love the idea of starting to protect the American people's intellectual property from being stolen and also profited from theft.

Paul Sprague

InformationWeek Contributor
femtobeam,
User Rank: Apprentice
5/11/2013 | 7:12:49 PM
re: Senate Bill Calls For 'Watch List' Of Nations Cyberspying On U.S., Trade Sanctions
What "bills like this"? Some have been waiting for decades for a "bill like this"! Why would a bill defining the origins of "cybertheft" be "bad for Americans"? What is truly "bad for Americans" is being targeted and stolen from. Your statement assumes that there are no mechanisms in place for determining routing and rerouting, something that would have been partially handled by Net Neutrality, had it passed.

Americans deserve to be free from intruders and cyber criminals. The United States seriously needs an accounting of these crimes and a way to redress grievances. Imposing a block on stolen goods will be at least some form of justice. Obviously, you have not read the Mandiant report, which supplied effective proof of not only the origins of cybercrime originating from the Chinese military compound in Shanghai, China, but also discovered the real names, IP addresses, email addresses and physical addresses of the 3 Chinese military personnel who accomplished the Chinese cyberspying mission against the United States.
PanicFox,
User Rank: Apprentice
5/10/2013 | 12:26:42 AM
re: Senate Bill Calls For 'Watch List' Of Nations Cyberspying On U.S., Trade Sanctions
This is bad.
This "Deter Cyber Theft" bill will only place restrictions on the people of America, as bills like this always have.
Not only that, IPs do not equal persons, and with this, someone routing an IP through a remote country and attacking America would cause America to respond to said country.