New Rand thinking on conflict in cyberspace.
“The Chinese government is ratcheting up its cyberspying operations against the U.S.,” states the lead of the Wall Street Journal’s latest story on the cyber insecurity issue. Requested by the U.S.-China Economic and Security Review Commission, the report is another in a string of allegations regarding China’s use of the Internet as an intelligence gathering tool. The report’s authors, employees of defense giant Northrop Grumman.
Tabling NG’s $10 billion information systems business, what is disappointing about the report is that there are no stunning new revelations or on-record sources with jaw-dropping news. Like Dragnet, the names have been changed to protect the innocent, etc. Once again we hear that the Chinese intelligence services, like others, including our own, are using the Internet to collect critical intelligence.
Yes, China is using the Internet to collect intelligence. They are also writing in their military journals on how they plan to use the Internet in military conflict. We are also writing similar articles and manuscripts in this country. Sad, especially for the John Perry Barlow sort of thinkers regarding cyberspace is the reality that the militarization of cyberspace is well underway.
More important is the far bigger geopolitical issue that we need to get over. The United States has a choice, it can either figure out a way to work with China, which will be very difficult, or embark upon a new Cold War in Asia, which will be very expensive. That I leave to the China experts. On my topic, while the United States will need a grand strategy for cybersecurity, we need not unquestionably bow to an Electronic Pearl Harbor or Cyber Katrina thinking and paint the PRC as a monstrous, monolithic cyber threat.
Answers to the question of how to secure cyberspace will largely not be found in the Pentagon, but rather in Silicon Valley, Bangalore, Helsinki, Seoul or anywhere else software makers may be congregate. That is because, in the words of AT&T cybersecurity chief Ed Amoroso, “software engineering has to grow up soon.” We will not buy cybersecurity like we do national security. There isn’t an F-22 to protect us in cyberspace. The activity will be far more organic and broad in nature than procuring a capability or platform, and it will take time.
Christopher Bronk is the Baker Institute fellow in technology, society and public policy. He previously served as a career diplomat with the United States Department of State on assignments both overseas and in Washington, D.C.