DEBATE PREP: America the cyber sucker?
November 16th, 2011
06:00 AM ET

DEBATE PREP: America the cyber sucker?

Editor’s note: This analysis is part of Security Clearance blog’s “Debate Preps” series. On November 22, CNN, along with AEI and The Heritage Foundation, will host a Republican candidate debate focused on national security topics. In the run-up to the debate, Security Clearance asked both the sponsoring conservative think tanks to look at the key foreign policy issues and tell us what they want to hear candidates address.

By The Heritage Foundation's James Jay Carafano, Special to CNN

The scene from "Casablanca" says it all.

"I'm shocked-shocked to find that gambling is going on in here," Police Inspector Renault declares.  Immediately, the croupier hands the chief inspector his roulette table winnings.

Renault's disingenuousness disclaimer could be the tag line for U.S. cyber security policy. Just last month, the Director of National Intelligence delivered a report to Congress – "Foreign Spies Stealing U.S. Economic Secrets in Cyberspace."  Its "shocking" conclusion: China and Russia are stealing us blind.

Quelle surprise! Chinese beachheads in U.S. cyberspace have turned up time and again for years.  Not long ago Chinese hackers so thoroughly penetrated the computer network at the U.S. National Defense University in Washington, D.C., the entire system had to be shut down and cleaned out.

As for the Russians, they've long been recognized as a real "bear" online.  The infamous Russian Business Network (RBN) brazenly ran all manner of illicit online operations- and there was never much doubt that they were working in collusion with Kremlin officials.

It was a mutually beneficial partnership.  RBN maintained a public homepage that accepted complaints about malicious activities.  The grievances were referred to the RBN "abuse team" for "investigation."  The team would then dutifully request a Russian judicial indictment against the offender. Conveniently, however, it proved almost impossible to obtain the indictment.

The Russian government is widely believed to be the prime mover behind the massive 2007 denial-of-service attack against Estonia.  But Moscow left no fingerprints.  The Kremlin is thought to have outsourced that particular piece of cyber dirty work to a derivative of RBN.

It is hard to believe the U.S. government wasn't aware of this.  Shortly after FBI Director Mueller visited to his counterparts in Moscow-RBN "disappeared."  Coincidence?  Or did Mueller read the Russians the riot act.  Regardless, as this latest report from the U.S. intelligence community shows, both Russia's criminal networks and its intelligence service are up to no good online.

Nor is there much surprise that online evildoers are homing in on "economic" targets. It is estimated that half of the world's intellectual property is in the United States.

Another Inspector Renault moment came right after the report was released.  Issuing an unbelievable, bold-faced response, China's foreign policy spokesperson dismissed the U.S. allegations as "unprofessional and irresponsible."  This is rich.

In fact, the U.S. intelligence community report pulled its punches, acknowledging it could not pin all of this activity directly on the government. That is because Beijing is not stupid.  It has created-and mastered-the art of "patriotic hacking," enlisting citizens to steal secrets for them and then rewarding them for their "patriotism."

Cybersecurity is a weighty issue, one that should be addressed in the upcoming GOP presidential candidates debate dedicated to foreign policy and national security.

Certainly it's a security challenge that requires presidential leadership.  Currently, at least 18 major cyber bills are pending in Congress.  Lawmakers are less of one mind on cyber than they are on how to balance the budget.  America needs savvy cyber-strategic leaders.  And there's no better place for it to start than at the top.

James Jay Carafano is director of the Allison Center for Foreign Policy Studies at The Heritage Foundation

Filed under: 2012 Election • Analysis • Bachman • Cain • China • Cybersecurity • Debate Preps • Gingrich • Huntsman • Paul • Perry • Romney • Russia • Santorum • Technology
soundoff (60 Responses)
  1. Alyce Pinchbeck

    Enjoyed studying this, very good stuff, regards . "Golf isn't a game, it's a choice that one makes with one's life." by Charles Rosin.

    March 4, 2021 at 9:45 am | Reply
  2. Arlyne Overbough

    January 28, 2021 at 10:03 pm | Reply
  3. Chieko Myntti

    i would like to replace our bathroom lighting with light emitting diodes to save electricity-

    January 12, 2021 at 12:17 am | Reply
  4. Efrain Steppe

    There are some fascinating time limits in this article but I don know if I see all of them center to heart. There’s some validity but I will take maintain opinion till I look into it further. Good article , thanks and we want more! Added to FeedBurner as properly

    December 20, 2020 at 6:56 pm | Reply
  5. us1776

    Snapshots of data doesn't always help you understand the whole process.

    You need to see how data is changing over time to really understand what is going on.


    November 16, 2011 at 7:41 pm | Reply
  6. RealityG

    At least the Chinese are smart enough to have the ability to do hack. And HOW is this any different from viral spam or phishing acts coming from WITHIN the United States? Cyberspace is a problem of not only against the gov't, but personal privacy too; and China/Russia are definitely not the only ones involved. Just look at all of those attacks within USA soil. Time to pull up a mirror and look at it.

    And please, don't generalize that ALL Chinese are hackers or want to break the US gov't. There are millions of Chinese in the US and around the world.

    November 16, 2011 at 6:43 pm | Reply
  7. darner

    For anyone who has peaked at government code, you know that it is a joke. They hire the cheapest people they can get to secure the national national netwrok, they have no clue.

    November 16, 2011 at 4:52 pm | Reply
    • darner

      national network*

      November 16, 2011 at 4:52 pm | Reply
  8. SixDegrees

    [cough] No mention of the extremely slick Stuxnet virus that targeted Iranian nuclear reactor components.

    November 16, 2011 at 3:47 pm | Reply
    • darner

      That was inserted by a spy to a closed network, the U.S. is leaking information over secure networks that are not closed. If someone infiltrated our closed networks that would be an even bigger problem.

      November 16, 2011 at 4:54 pm | Reply
      • SixDegrees

        Just pointing out that Russia and China are by no means the only players in this game.

        November 16, 2011 at 5:15 pm |
  9. Lefty

    DemocracyNow – yup – China is not smart – as they just invited our astronaut to go into space with theirs, and they are building bullet trains, and working on their infrastructure. If you want to hear not smart – listen to the Repulican debates. With your attitude – we'll be speaking Chinese in just a very few sort years. China is smart like a fox and holds a lot of the world's money.

    November 16, 2011 at 3:41 pm | Reply
    • CarAdvisor

      Haha China isn't smart! Their Cyberspace is so bad that if USA had to launch an attack on them now their cyberspace would have to go for a longer clean up than the NDU, by the way, I challenge the Chinese to penetrate the NSA if they are so talented!! Russians are the best in almost everything, They are amazing, but still with proper planning US can become better than them! NSA is still the best and probably the ultimate Cyber Agency, even Russia cant penetrate their networks and even if they do it with great difficulty it would be one of the least important & least secure sector, by the way all the hacking is good in one respect coz US can understand all its weaknesses and work on them!

      As for ur post – China makes bullet trains under tot from japan/europe all their trains are shinkansens or alstom made trains – Now as China started copying them they are going to stop delivering more trains I believe!

      January 28, 2012 at 11:26 am | Reply
  10. Lefty

    I wonder when the average American (including candidates for POTUS) are going to realize that smaller government In some cases is going to leave us very vulnerable? There are things that are definitely state issues but there are definitely things that only a player as big as the federal government can handle to compete in a global market. Otherwise, we are going to see a lot more of this while we squabble. Lack of knowledge and foresight on the part of the voting public is a big part of this while the other part is lack of vision, and greed on the part of our "leaders" and I say that word with tongue in cheek.

    November 16, 2011 at 3:37 pm | Reply
  11. Feast of Beast

    The vast majority of Chinese schoolchildren surveyed want to grow up to be hackers. Hackers are national hereos to them, and they function free of government interference as long as they act against the USA. You'd think that would be a deal-breaker in our countries' relations, but apparently not.

    November 16, 2011 at 3:29 pm | Reply
    • marc gunn

      The problem with what this article and you say is that it's all conjecture. Even the patriotism and school children part. We are projecting what we might do to what they are doing.

      If indeed this happens then we need to PROVE it, and even then we wouldn't be able to prove any specific attack. But at least prove the conjecture that they support this among their populace. How? Easy. Pay someone to rat out. They're so poor a scant million should make many fess up. But I haven't read of any, esp that can be verified by interviewing on specifics.

      November 16, 2011 at 8:48 pm | Reply
  12. god

    Why doesn't the high and mighty Anonymous go after these groups?

    November 16, 2011 at 2:37 pm | Reply
    • god

      because they aren't as good...

      November 16, 2011 at 2:42 pm | Reply
    • darner

      because they do not attack other hackers nor care about the weak U.S. network.

      November 16, 2011 at 4:56 pm | Reply
    • Joe

      Are you implying that the nation state of china is actively engaged in cyber terrorism and directing the activities of the group called annonymous?

      November 16, 2011 at 11:46 pm | Reply
  13. Rachel

    Cybersecurity is a huge issue today, especially considering the recent China-hacking discovery. However, in order for this issue to be straightened out, the U.S. government must straighten out its financial state. If anything this should motivate those on Capitol Hill to act quickly to reduce spending. The national debt is now $15 trillion - we cannot move forward in fixing this nation's issues if we are owing considerable amounts of money to other countries (including China). I just read a book on how the U.S,' financial problems are directly related to China's politics. You can check it out at: It really opened my eyes to the issue of U.S.-China economic relations.

    November 16, 2011 at 2:16 pm | Reply
    • DemocracyNow

      We need to counter-attack cyber-espionage with military engagement. We need to put more military bases around China and Russia to keep America safe.

      November 16, 2011 at 3:35 pm | Reply
    • marc gunn

      I doubt anything can be directly related to our own financial woes except a look at ourselves. No one coerced us into trade. No one wrote international rules without us dominating the discussion. ITS ALL CONSENSUAL. No one pointed a gun in our face to make us trade (unlike what the west did to colonies, etc.) We did this to ourselves. We overspent.

      November 16, 2011 at 8:51 pm | Reply
  14. Deathstalker

    Haha whatever anyone that is in the know, knows China, Russia and almost all other countries work with hackers and so does America. America is just better at it and doesnt get caught.

    November 16, 2011 at 1:56 pm | Reply
    • DemocracyNow

      That is not true! Unlike those commies, the US operates with MORALS and INTEGRITY. We do not engage in ANY cyber wrong-doings. If the US were doing cyber-espionage, they would inform the public because that is the right thing to do. Unlike those crafty Chinese and Russian theives.

      These cyber-terrorist-espionage-secret stealing hacker attacks must be stopped! Either with military or cyber revenge. We cannot let these foreign terrorists break the law.

      We need to work more with Google, Facebook, Apple, and Microsoft to protect our safety, even if that means giving them more access to our privacy. We need to stop pirating illegal software and putting money in the pocket of copyright theives. We need smarter programmers to fix the cyper-space problem and protect/attack the Russian/Chinese hackers.

      November 16, 2011 at 3:28 pm | Reply
      • Sure

        I can´t tell if youre just naive or being sarcastic...

        November 16, 2011 at 3:46 pm |
      • mrhapiguy

        you must be joking

        November 16, 2011 at 5:48 pm |
      • marc gunn

        Must be joking... We assassinated more, pushed for coup d'etats, instigated, infiltrated, subverted, etc. more internationally than anyone else. One reason though is we were more capable, not saying the other countries were better. Think Latin America coups, dictators we supported, bombs we dropped in Vietnam, Iraq, etc. and of course the savory individuals we dealt with when arming the mujahadeen in Afghanistan.

        November 16, 2011 at 8:55 pm |
      • Joe

        The us government would not knowingly jepordize the public safety and security of its national interest.... The government officials are beyond corrupt ideologies of self interest or abuse of their authority for personal gain!

        November 16, 2011 at 11:51 pm |
  15. cyg

    Invade, promptly. GOP is willing to send contractors forth by the millions to see we have say in the global economy OUR way.

    November 16, 2011 at 1:48 pm | Reply
  16. blahblah

    Privatize the US cyberspace thoroughly, we need small gov. "Walk away Fed this is not our problem, we need small gov" say's the Reps

    November 16, 2011 at 1:41 pm | Reply
  17. shhh!

    Ether US are the most incompedent secret keepers.
    Or they do this to Look Stupid.
    and keep the real secrets well hiden.
    and they put up a fake face.
    I think they are just stupid.

    November 16, 2011 at 1:13 pm | Reply
  18. TonyKMN

    If we had actual leaks, do you really think...

    "Just last month, the Director of National Intelligence delivered a report to Congress – "Foreign Spies Stealing U.S. Economic Secrets in Cyberspace.""

    ...we'd be making it public knowledge? All of this is misinformation and deception meant to confuse and lure unknown threats into becoming known. Why spend time and effort looking for these people when we can just lure them into exposing themselves?

    November 16, 2011 at 1:11 pm | Reply
    • shh

      you aren't supposed to analyze, just show your utmost fear! That concept is concieved by only the best manipulators and comprehendable masterminds, the USA! So take a shot, it's already been done, why not do it some more... I think economic strategies should not be secret in anyway. But this is a manifest of the power struggle as humans, take it for what it's worth, and take it upon yourself to do your best and safegaurd your privacy.It is a harsh reality, seeking what may or may not be truth.

      November 16, 2011 at 4:42 pm | Reply
  19. m00nsuit

    Today's security is tomorrow's obscurity.

    November 16, 2011 at 1:01 pm | Reply
  20. JeffinIL

    Why does our government insist on using Windows? It should be using a Unix based system. It's not unhackable, nothing is, but it's harder to hack.

    November 16, 2011 at 12:24 pm | Reply
    • JRay

      The US Government's crucial military and intelligence networks are are separate, encrypted, protected networks designed against intrusion. These networks are in no way connected to the internet. Most leaks and theft occur from individuals, both US citizens and foriegn nationals, who have access and abuse it. While ancilliary data exists on other public domains, rest assured the crucial items are protected and that UNIX is used. The US also maintains cyber defense and cyber attacks. It's carried out by the Government, military, and defense contractors. While the US is covert and secretive about its capabilities, have no fear that the US leads the world in technology and ability. China recruits within the country, so that tracing it back and blame is never on its Government. Russia is secretive, as are other countries. The material that is being stolen is 'economic', meaning everything from financial data, plans, credit cards, personal information, etc. The material is in the public domain, or accessible via private corporate networks that are connected to the internet. While the US is being hacked, you can rest assured that the US is returning the favor as well.

      November 16, 2011 at 12:51 pm | Reply
      • Mac

        Although, the defence and security agency networks are "isolated", they do come in contact with the "regular" internet in some areas especially the so called non esential aeas. When that happens, it opens a back door entry into the secure netowrks as well. It is just a matter of time and effort to find these interconnecting areas. Obviously there will be still finrewalls and layers of security protection, but nevertheless, none of these systems are impenetrable.

        November 16, 2011 at 1:13 pm |
      • Chuck

        What I've witnessed from my time in military intelligence is that these networks are often virtually separated (router isn't supposed to route data between the two networks) but use the same routing equipment. If that equipment gets hacked, then the network can be breached from the internet. This was a problem 10 years ago. I cannot confirm that it still is.

        November 16, 2011 at 1:53 pm |
      • SecurityGeek

        Please read "Cyber War" and "Your Government Failed You" > both by Richard A Clarke. Your eyes will be opened and you will be very surprised as to how vulnerable to cyber theft and attack the US actually is. Mr. Clarke does an excellent job of explaining our weaknesses while offering valid suggestions to fix the problems. He spent 11 years of his 30 year career serving at the White House regarding national security. He knows his subject well.

        November 16, 2011 at 3:31 pm |
  21. Inciteful

    The U.S. cyber intelligence infrastructure must position itself to be able to isolate and identify hacking by its enemies. Those U.S. citizens who hack create too much noise to be able to identify friend from foe. [Although all hackers are foes.] Therefore, U.S. citizens who are caught hacking should face life in prison as the penalty. The U.S. cannot afford to indulge these brain-game players as benign interference to its cyber security.

    November 16, 2011 at 12:21 pm | Reply
    • t

      I would authorize the special forces to engage in exercises to relocate hackers to prisons.

      November 16, 2011 at 1:33 pm | Reply
      • god

        good luck finding them...

        November 16, 2011 at 2:35 pm |
  22. Renee Marie Jones

    The designers of the Internet deserve a portion of the blame for security issues; it was designed as a collaborative network between honest people. However, the bulk of the blame lies squarely on the shoulders of the U.S. Government. When the Internet was growing up, the U.S. Government did everything it could to stop the use of encryption for security, going so far as to restrict the use of https browers! You people probably don't even remember when you had to jump through hoops to prove you were a US citizen before downloading a secure web browser! It was even illegal to re-export books bought abroad! Then, the patent system was used to cripple development of encryption tools in the U.S. and stifle innovation in secure communications.

    In short, the U.S. Governments meddling in the Internet in the name of "security" is the dominant reason by we are currently insecure.

    November 16, 2011 at 12:11 pm | Reply
    • Gary S

      As a security professional, I must point out that this situation has been developing for over 30 years. Let's remember the 'internet' began as a US Govt-funded research project. The original need was for researchers to exchange data– not for security. In the days of ARPA-net, 'Security' was discouraged because it inhibited free exchange of data. What we have now is the same Internet Protocol (IP) that was developed in the 1970s– with very few changes. This new era demands nothing less than a redesign of the internet, probably beginning with IP-version6.

      November 16, 2011 at 1:16 pm | Reply
      • SK

        IPV6 has nothing to do with it – the packets are essentially the same just with a different address. It like saying I moved from 123 Sesame St to 2903847918730980283409725803498 Sesame St for security reasons. It looks intimidating but it is just bits.

        November 16, 2011 at 2:01 pm |
  23. The US should follow China

    The US Government should go the route of the patriotic hacker, hacking computers belonging to US companies, or that are physically present in the United States should still be illegal, however they should allow hacking of computers on foreign soil. Doesn't matter if its an ally or enemy, and then provide an online forum for the hackers to give their shout outs and get their moment in the spot light. The only requirement for immunity in US courts should be that they have to make any information garnered public.

    November 16, 2011 at 11:49 am | Reply
  24. VR13

    Oh, and our responce to the problem is to debate it in congress and pass 16 more toothless bills that don't give us any athority over overseas hacking. They are overseas and we can forget about getting them, no matter how many times we call it a crime. But noone said anything about putting security measures on our backbone networks, mostly because they are private and government doesn't spend money on private business. Meanwhile, most smaller companies just remain absolutely unprotected, saying, "It will never happen to me, I can't afford spending money." Our future is bright indeed, let's debate it some more in another congress committee.

    November 16, 2011 at 11:26 am | Reply
  25. moiraesfate

    Remember, this is what you get when you privatize everything. The gvt isn't willing to invest in anything because the people are dumb enough to think that corporations should control it all. If the gvt properly invested in hiring genius hackers to protect this country, they wouldn't be having such troubles. Stop sending soldiers overseas to die in foreign wars. Stop the rich top 1% control everything. Start investing in the people.

    November 16, 2011 at 10:04 am | Reply
    • blahblah

      Am i hearing this correctly, are we asking the gov to help take care this issue? I'm pretty sure it will be UNAMERICAN according to the Republicans because that will mean the Fed will be getting bigger instead of small, we cant have that, we dont want the goverment to control everything, so dont come running to the gov for help, go ahead privatize everything. Why dont we just privatize the DOD cybersecurity sector to china or a russian private company while we're at it to make the gov smaller.

      November 16, 2011 at 11:26 am | Reply
    • VR13

      Yes, that sounds about correct. If you noticed, the Chinese and Russian hackers are government directed. Do you expect an individual business to be able to defend itself on its own from the governments of the two biggest countries in the world? Most business don't even understand what the problem is all about nor can they afford building an expertise – we are no longer good at long-term investements.

      November 16, 2011 at 11:30 am | Reply
      • blahblah

        i agree with you on point that a small business cannot defend itself if attacked by a very capable foreign nations but we've all seen what it takes and what happens when an administration try's to step in and help private corp and businesses, Its a disaster because all these politicians think about is pleasing their camps. If the United States think we can isolate our selves from the rest of the globe by have a "small gov" and depending on privatization and letting these businesses run astray, we are making a bigggggg mistake. Companies only want one thing and one thing only, PROFIT, and they will take it if you give it to them for free and let your INTEL and sensitive infor stand out for grabs in cyberspace if possible. (Solution)-–spend more on things that matters, that means outfitting our cybersecurity sector to compete with foreign powers instead of worrying who will design the next facebook and iphone we should start worrying about who will break the Russian and Chinese cyber defence. Its time to face reality.

        November 16, 2011 at 12:44 pm |
  26. MikeGCNY

    Thank you capitan obvious. The last 10 years have shown how badly protected we are when it comes to cyber security and economic espionage. Do you have anything new to add?

    November 16, 2011 at 8:55 am | Reply
  27. Gary

    The problem with reports like these is that the Chinese ALWAYS deny them and just say these are "false accusations". The Russians probably refuse to admit these intrusions as well.

    November 16, 2011 at 8:54 am | Reply
    • parmiz

      isn't that the point of hacking? So they can deny it?

      November 16, 2011 at 9:31 am | Reply
    • DemocracyNow

      That's because commies cannot be trusted. Lying is Russia's way of life and theiving is China's way of life. Of course they will deny it. China cannot innovate, they are not creative, and they are not really smart. That's why they have to hack into our advanced secure networks to steal trade secrets. The Russians also want to ruin the integrity of America.

      November 16, 2011 at 3:33 pm | Reply

Post a comment


CNN welcomes a lively and courteous discussion as long as you follow the Rules of Conduct set forth in our Terms of Service. Comments are not pre-screened before they post. You agree that anything you post may be used, along with your name and profile picture, in accordance with our Privacy Policy and the license you have granted pursuant to our Terms of Service.