Why our lack of understanding on China may be the biggest risk

If you don't understand the capabilities and motivations of your adversaries you can't expect to be very successful in managing your relationship with them, negotiating, or defending against their advancements.

This is especially true today when it comes to nation-state cyber threats, according to Lt. Col. (ret) William Hagestad II. Hagestad spoke as the opening keynote this week past weekend at the security conference BSides MSP, held just outside of Minneapolis.

If your organization doesn't understand the nature of the information security and intellectual property threats that face enterprises today, and how to defend IT systems, data, and intellectual property the years upcoming are liable to be very jarring.

While Hagestad is a widely known expert on Chinese cyber conflict capabilities, and has written two books on the subject, "21st Century Chinese Cyber Warfare" (2012) and "Operation Middle Kingdom: China's Use of Computers & Networks as a Weapon System" (2013) his core message this week is that the U.S.'s lack of understanding of what or who China is and how to deal with the nation may actually be its biggest risk when it comes to the growing power.

[Related: How to secure a company's Chinese development]

His primary example of a botched policy occurred this May, when a grand jury in Pennsylvania indicted five Chinese military officials for computer hacking, economic espionage and other offenses they allegedly directed at Westinghouse, U.S. subsidiaries of SolarWorld, U.S. Steel, Allegheny Technologies Inc., the United Steel, Paper and Forestry, Rubber, Manufacturing, Energy, Allied Industrial and Service Workers International Union as well as and Alcoa.

That indictment asserts that the defendants conspired to gain unauthorized access to those organizations' computers and to steal information that would be useful to their competitors in China. In some cases, the indictment alleges, the conspirators stole trade secrets. "This is a case alleging economic espionage by members of the Chinese military and represents the first ever charges against a state actor for this type of hacking," U.S. Attorney General Eric Holder said in a statement issued at the time of the indictment.

Hagestad didn't mince words when criticizing the potential impact of charging five Chinese military officials with hacking crimes: "This is probably the worst thing we could have done, in my opinion," he said. "Placing them on the same wanted posters as jihadists and terrorists. It says we don't understand them and are out of ideas. And if there was any relationship building in place, it was castrated with this dumb action," he said.

The result of that indictment, as well as the fallout from the Snowden revelations, has been a catalyst for the chilling of the relationship between the U.S. and the Chinese on many levels, including commercial, Hagestad contented. This is especially true among the technology sector, but also in other sectors, including automotive.

Companies such as GM, Audi, Volkswagen and others "are all now being investigated for fraud or malfeasance because of that [indictment] action," he said. "Essentially, the Chinese feel justified in their beliefs, based on the revelations of Snowden, that any American or foreign company is not to be trusted," he said.

Not that Chinese enterprises are to be trusted with intellectual property themselves, and Hagestad cited Nortel Networks Corporation as his case study. Following the beginning of a joint venture in 2001, members of Nortel's technical staff identified what they believed to be Nortel's technology appearing within Chinese markets in which Nortel did not compete. The team informed management, and was dismissed. "They were told not to worry about it. That they were too technical and that they didn't understand the businesses," Hagestad said.

Nine years after that joint venture the marketability and competitiveness of Nortel ceased to exist because Huawei had entered Nortel markets with Nortel intellectual property with pricing at levels Nortel couldn't compete with, Hagestad said.

There's little doubt that nation state-backed cybersecurity threats are only going to grow worse in the years ahead, according to Hagestad, so there should be little solace found in the fact that the U.S. and U.S.-based enterprises are probably not even China's top target.

According to Hagestad, China is most concerned about nations within its immediate geographic reach. The US is not the number one target, he said. The number one targets are actually Japan, Philippines, Vietnam, and Taiwan.

Join the CSO newsletter!

Error: Please check your email address.

Tags securitycyberwarfareChinamilitary cyberattacksadvanced persistent threatsb-sidescyberwar

More about Cyber WarfareHuaweiInc.NortelNortel Networks

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by George V. Hulme

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts