White House Cybersecurity Coordinator Michael Daniel told IT security practitioners that diplomacy will play a key role in trying to stop cyber-attacks against American economic interests originating from overseas.
"Any action we take in cyberspace must be considered against its possible foreign policy implications and our desire to establish international norms of acceptable behavior in cyberspace," Daniel said in a speech at RSA Conference 2013 in San Francisco Feb. 28. "We don't want our response to something that's annoying to harm our relationship with other nations, or worse yet, result in a physical conflict."
Daniel twice mentioned China in his address, but made no direct reference to the report by IT security provider Mandiant and others about how the Chinese government is behind attacks on American corporations to steal intellectual property [see 6 Types of Data Chinese Hackers Pilfer].
The special assistant to the president said the U.S. State Department will use diplomatic channels to call on other countries where cyber-attacks originate to stop them. "We raise those questions regularly and raise these kinds of issues with our partners, countries around the world such as China right now."
Daniel later in his speech added, "We'll maintain a meaningful dialogue with the world's largest cyber-actors, countries like China, and work together to develop an understanding of acceptable behavior in cyberspace."
The cybersecurity coordinator sounded a cautionary tone about the practice of hacking back, in which victims of cyber-attacks respond in kind [see To 'Hack Back' or Not?]. "We don't want to create an unstable new normal that would tell other countries it is okay to intervene on U.S. networks, something that advocates of hacking back don't stop to think about," he said. "How would we react if foreign country did the same thing on our networks?"
Daniel said the Obama administration is continuing to develop a policy how best the federal government should respond to cyber-attacks aimed at the private sector, saying it is incumbent on businesses to develop their own cyber-defenses in cooperation with the government. He made an analogy to the government's role after a natural disaster, leading the response when private, local and state resources can't handle a catastrophic event. The same, he said, is true in cyberspace.
"We can see that the federal government is not going to ride in on a white horse to respond to every incident," Daniel said. "Rather than responding reflexively, we believe that a better strategy is to encourage mutual responsibility."