Last week, I attended the 2014 Computer Enterprise Investigations Conference (CEIC), where I got to talk to some very interesting people and sit in on some fascinating sessions. Two of the mornings of my trip, I was awoken by the breaking news alert tone on my phone. First was the news of the indictment of Chinese hackers and the next was the news of the eBay data breach. It was interesting to be surrounded by security professionals while such big cybersecurity news happened.
Not surprisingly, the Chinese hacker story generated a lot more conversation than the eBay data breach. In fact, there seemed to be a “new breach, different day” attitude about the eBay event. That’s not to say that the news wasn’t important, but I felt a definite “when will companies learn” vibe. Data breaches like the one that hit eBay (or Target, which was brought up a lot over the week) will remain a problem until enterprise gets a better handle on corporate security. As Jon Oltsik, senior principal analyst with the Enterprise Strategy Group, pointed out in one of the sessions I attended, organizations are still using old security tools, don’t have enough skilled security staff, and are more focused on putting out security fires rather than preventing them. At the same time, the bad guys are pulling way ahead in both skills and technology. To paraphrase the comic strip character Pogo, when it comes to cybersecurity, the enemy is us.
Unless the enemy is Chinese hackers. And as I said, that breaking news generated a lot of conversation at CEIC. Cyber espionage is on the rise. As Joel Brenner, former head of U.S. counterintelligence under the Director of National Intelligence and former NSA Inspector General, stated in his keynote address, we’re seeing a serious rise in attacks on industries like mining, manufacturing and transportation, and on a national security level, it is disconcerting.
I had a chance to talk to Brenner after his keynote speech, and I asked him specifically about the indictments. He agreed with the assessments of others I spoke with, that the indictments will likely never result in an arrest or trial, as there is little chance these men will ever come to the United States. However, he does believe there will be some retaliation that will likely be more along economic lines, as we are seeing with the Chinese ban of Windows 8 on government computers.
There is a delicate balance with China, Brenner told me. Our relationship with them is economic, and that includes the cybersecurity issues. They aren’t an enemy like the old Soviet Union. Will these indictments create hostilities and lead to trade sanctions? Only time will tell how this will all play out.