Cyber Karma: Making Costs to Foreign Powers who Steal our Intellectual Property (IP) Commensurate with the Value of the Stolen IP
In short, this proposal is simply to bring to bear some cyber karma on those nations who steal U.S. intellectual property.
Therefore, if any nation, like China, pillages our military or digital or agricultural or any other intellectual property (IP) that is essential to the well being of our national defense, national security or our economy, launches cyber operations to target and exfiltrate such intellectual property and knowledge back to their home country, the U.S. should make it national policy to respond, with our national cyber assets, thusly:
- Seek and destroy that stolen information.
- Retaliate by stealing information of equal value, and destroying it at its source.
- If no information of equal value exists, commensurate attacks on the thieving nation’s economic assets should be launched and sustained until the costs equal the value of the stolen information.
- IP honey traps with design flaws that cause catastrophic failure when copied should be planted in areas of interest to hostile foreign powers.
- Particularly useful IP should be tagged to track its locations if it is exfiltrated.
Over time, foreign powers targeting U.S. intellectual property will get the message: there is a high cost to cyber theft, which will be paid.
The recent story by Bill Gertz, about his book “Deceiving Skies,” clearly recites the actions of the Chinese military to steal one of our key national defense assets and advantages — our heavy airlift capability.
At the risk of over-quoting the Gertz article, it is essential to understand what the Chinese did, in their own words. From Deceiving Skies:
“For the Chinese, the operation to steal the vital secrets was an intelligence coup of extraordinary magnitude. Not only did Chinese aircraft manufacturers save billions of dollars in development costs, but those companies quickly incorporated the secrets in a new PLA transport, Y-20, that cost a mere 2.7 million RMB, or $393,201.98 for the entire cyber-spying operation.
“The PLA summary of the operation read in part:
“… Thorough planning, meticulous preparations, seizing opportunity, [we] initiated all human and material preparations for the reconnaissance in the beginning of 2009. After a few months’ hard work and untiring efforts, through internal coordination [we] for the first time broke through the internal network of the Boeing Company in January of 2010. Currently, we have discovered in its internal network 18 domains and about 10,000 machines.
“From breaking into its internal network to obtaining intelligence, we repeatedly skipped around in its internal network to make it harder to detect reconnaissance, and we also skipped around at suitable times in countries outside the U.S. In the process of skipping, we were supported by a prodigious quantity of tools, routes, and servers, which also ensured the smooth landing of intelligence data.
“… We made appropriate investment and reaped enormous achievement. Through our reconnaissance on the C-17 strategic transport aircraft, we obtained files amounting to 65G [gigabytes]. Of these, there were 630,000 files and 85,000 file folders, containing the scans of C-17 strategic transport aircraft drawings, revisions, and group signatures, etc. The drawings include the aircraft front, middle, and back; wings; horizontal stabilizer; rudder; and engine pylon. The contents include assembly drawings, parts and spare parts. Some of the drawings contain measurement and allowance, as well as details of different pipelines, electric cable wiring, and equipment installation.
“Additionally, there were flight tests documents. This set of documents contains detailed contents, and the file system is clear and detailed, considered top-flight drawings by experts! This project took one year and 2.7 million RMB to execute, showing cost effectiveness and enormous achievement. This reconnaissance job, because of the sufficient preparations, meticulous planning, has accrued rich experience for our work in future. We are confident and able … to complete new mission.”
What makes this theft especially egregious is the C-17 has been suggested to be the new platform for the next-generation AC-130 Spectre gunship, which, has had many nicknames, among them Puff the Magic Dragon.
According to the Federation of American Scientists the AC-130 has had a storied history:
“during Vietnam, gunships destroyed more than 10,000 trucks and were credited with many life-saving close air support missions. AC-130s suppressed enemy air defense systems and attacked ground forces during Operation Urgent Fury in Grenada. This enabled the successful assault of Point Salines airfield via airdrop and airland of friendly forces.
“The gunships had a primary role during Operation Just Cause in Panama by destroying Panamanian Defense Force Headquarters and numerous command and control facilities by surgical employment of ordnance in an urban environment. As the only close air support platform in the theater, Spectres were credited with saving the lives of many friendly personnel.
“During Operation Desert Storm, Spectres provided air base defense and close air support for ground forces. AC-130s were also used during Operations Continue Hope and United Shield in Somalia, providing close air support for United Nations ground forces. The gunships have most recently played a pivotal role during operations in support of the NATO mission in Bosnia-Herzegovina, providing air interdiction against key targets in the Sarajevo area.”
Since then, various configurations of the gunship have played key roles in special forces operations and the two Gulf Wars, as well as in Afghanistan.
To make the cost of hostile cyber operations were commensurate with the losses the United States have sustained, bring on the Cyber Karma.