US urged to permit self-defense retaliation on hackers

Would retaliatory attacks make hackers think twice?
Written by Charlie Osborne, Contributing Writer on

Throwing money at creating cyberpolice forces and technology to keep up with digital threats may not be the only tactics the U.S. will employ in the future.

As a meeting between President Obama and the new president of China, Xi Jinping, draws near, former senior officials in the Obama Administration will recommend a series of steps to deter hackers from the country from stealing U.S. industrial secrets.

As reported by The New York Times, Dennis C. Blair and Jon M. Huntsman Jr., leaders of the private Commission on the Theft of American Intellectual Property, suggest that if less forceful measures to deter hackers fail, then companies should be granted the right to protect their systems on their own terms.

The right to retaliate against cyberattackers is detailed in the commission's report, due for release today.

China and the United States have constantly clashed over the prevalence of cyberattacks. A recent report issued by the U.S. Department of Defense laid the blame for widespread cyber espionage campaigns against U.S. targets squarely at the Chinese government and military's feet, just as security firm Mandiant claimed that China is responsible for an "overwhelming number" of cyberattacks in February.

China denies these claims, and has said that accusations are "groundless."

Recently, former and current government officials said that a Chinese attack on Google servers in 2010 resulted in the exposure of data relating to U.S. surveillance targets.

Huntsman commented:

"China is two-thirds of the intellectual property theft problem, and we are at a point where it is robbing us of innovation to bolster their own industry, at a cost of millions of jobs. We need some realistic policy options that create a real cost for this activity because the Chinese leadership is sensitive to those costs."

The new report proposes that in order to stop the theft of intellectual property, foreign firms that wish to be listed on the stock exchange would have to pass a review by the Securities and Exchange Commission to make sure they are not using stolen technology. In addition, Congress should "greatly expand the number of green cards available to foreign students who earn science, technology, engineering and mathematics degrees in American universities and who have a job offer" in the United States. This may encourage students to stay in the country, rather than take their skills and knowledge elsewhere and later work for U.S. competitors.

When dealing with cyberattacks, the former senior officials propose allowing American companies to "be able to retrieve their electronic files or prevent the exploitation of their stolen information" by either including self-destruction capabilities within files, or counterattack directly.

If hacking counterattacks are made legal, the report argues, then "there are many techniques that companies could employ that would cause severe damage to the capability" as long as law enforcement agencies are aware of what's going on. However, if attacking becomes the best defense, then some government officials fear that the cyberwar between nations will quickly escalate and could end up out of control.

As a last resort, the report says that tariffs or restrictions could be placed on the import of Chinese products, a measure that Senators have already considered. This month, a new bill was proposed that would block the import of products which contain U.S. technology stolen through cybercrime.

Editorial standards