Congress advised to let US companies retaliate against Chinese hackers

[Shawn Knight]

Sometimes, the best defense is a good offense. That appears to be the motivating adage behind a recent report from the U.S.-China Economic and Security Review Commission which urges lawmakers to consider letting US-based companies hack Chinese hackers that have infiltrated their systems and stolen their data.

The report points out that cyber attacks originating from China have collectively cost US companies tens of billions of dollars in lost revenue and expenses related to investigating breaches and bolstering security after the fact. Stolen data such as trade secrets has been passed along to government-owned Chinese companies, the report claims.

This past September, President Barack Obama and Chinese President Xi Jinping agreed to a preliminary digital arms race treaty in which neither country’s government would conduct or knowingly support theft of trade secrets with the intent to provide a competitive advantage to their nation’s commercial sectors.

Nevertheless, the congressional advisory board’s report contends that China believes it has more to gain than lose from cyber attacks and that the costs incurred have been minimal compared to the perceived benefit. What’s more, the committee believes the campaign is likely to continue and could escalate.

Existing laws prohibit retaliatory attacks by private corporations and citizens, even if the intent is to simply recover or erase stolen data. FireEye Chief Security Strategist Richard Bejtlich told the Associated Press that there wouldn’t be much of an appetite for such a service in the private sector. Instead, he believes the US government should be responsible for any counter intrusions.

Permalink to story.

https://www.techspot.com/news/62824-congress-advised-us-companies-retaliate-against-chinese-hackers.html

 

[RustyTech]

Not sure why anyone is the US is complaining. They willingly gave all their info to China to begin with. Whose fault is it that the US companies decided to buy into the whole "cloud" thing and keep their valuables there? Ok, so perhaps it's on their own servers, but still available to anyone.

Lets just say it straight...they were far too dim to keep their stuff safe.

 

[insect]

1) "cost US companies tens of billions of dollars" - which means a lot of others have jobs doing cybersecurity, so the money isn't exactly lost; and
2) this sounds like a great way to start off a mega cyberwar - Eye for eye leaves the whole world blind and all?

@RustyTech - Hackers don't give a **** about my vacation photos. They are after Credit Card Numbers, government IDs, e-mail/pw combos, etc. That's the valuable stuff and that's stuff I have no control over whether it's online or not. Don't be a troll.

 

[RustyTech]

Insect, I can see what you're saying, but the picture is so much more broad. Just an example: it's the US companies who sent all manufacturing jobs to China. Keep in mind that with these job requests, they also need to send IP info so that the job can be completed. So who is to now stop they Chinese from creating their own version of whatever it is and selling it? Also, now that they have the company's info, they just turn around and hack them to get the rest of the IP.
I know this is an oversimplification, but it's a real example.

 

[Tanstar]

The Cyber Cold War is well under way!

 

[Uncle Al]

No reason to prevent it, especially since China isn't going to lift a finger to help .... American companies retaliate against local's through the courts; since China's court system is so one sided, why not allow the American companies to extract their pound of flesh in the only way left!