BankInfoSecurity.com

Using Diplomacy to Stop Cyber-Attacks

Daniel: Feds Won't Ride in on White Horse After Every Incident


Using Diplomacy to Stop Cyber-Attacks

White House Cybersecurity Coordinator Michael Daniel told IT security practitioners that diplomacy will play a key role in trying to stop cyber-attacks against American economic interests originating from overseas.

See Also: Financial Malware: Detection and Defense Strategies

"Any action we take in cyberspace must be considered against its possible foreign policy implications and our desire to establish international norms of acceptable behavior in cyberspace," Daniel said in a speech at RSA Conference 2013 in San Francisco Feb. 28. "We don't want our response to something that's annoying to harm our relationship with other nations, or worse yet, result in a physical conflict."

Daniel twice mentioned China in his address, but made no direct reference to the report by IT security provider Mandiant and others about how the Chinese government is behind attacks on American corporations to steal intellectual property [see 6 Types of Data Chinese Hackers Pilfer].

The special assistant to the president said the U.S. State Department will use diplomatic channels to call on other countries where cyber-attacks originate to stop them. "We raise those questions regularly and raise these kinds of issues with our partners, countries around the world such as China right now."

Daniel later in his speech added, "We'll maintain a meaningful dialogue with the world's largest cyber-actors, countries like China, and work together to develop an understanding of acceptable behavior in cyberspace."

The cybersecurity coordinator sounded a cautionary tone about the practice of hacking back, in which victims of cyber-attacks respond in kind [see To 'Hack Back' or Not?]. "We don't want to create an unstable new normal that would tell other countries it is okay to intervene on U.S. networks, something that advocates of hacking back don't stop to think about," he said. "How would we react if foreign country did the same thing on our networks?"

Daniel said the Obama administration is continuing to develop a policy how best the federal government should respond to cyber-attacks aimed at the private sector, saying it is incumbent on businesses to develop their own cyber-defenses in cooperation with the government. He made an analogy to the government's role after a natural disaster, leading the response when private, local and state resources can't handle a catastrophic event. The same, he said, is true in cyberspace.

"We can see that the federal government is not going to ride in on a white horse to respond to every incident," Daniel said. "Rather than responding reflexively, we believe that a better strategy is to encourage mutual responsibility."

Follow Follow Eric Chabrow on Twitter: @GovInfoSecurity






Security Agenda

RSA Conference Highlights and Insights

This compilation provides an overview of ISMG’s RSA 2014 coverage, from pre-event promotional materials to excerpts of our exclusive interviews.

Download Now
The State of Information Security

In this year's issue of Security Agenda, we explain why 2014 is finally the "The Year of Security."

Download Now





Latest Tweets and Mentions

Security Agenda

RSA Conference Highlights and Insights

This compilation provides an overview of ISMG’s RSA 2014 coverage, from pre-event promotional materials to excerpts of our exclusive interviews.

Download Now
The State of Information Security

In this year's issue of Security Agenda, we explain why 2014 is finally the "The Year of Security."

Download Now

close

Sign In

close

Create a FREE account

Tell us about yourself

(All Fields Required)

Create your user ID and password

Choose your subscription preferences

Select the Industries and Topics, Type of email content you would like to receive, and Region. (Leave all blank to receive none)

Step 1. Industries & Topics

Step 2. Choose Content

Step 3. Choose Region (s)

close
or
You'll have an opportunity to create your account later.
close
close
close