What the US & China can do to Increase Cyber Security
The Internet has evolved from a personal project to a vital contingent of modern life, adopted by billions of users worldwide. Able to survive even a nuclear attack, it faces only one threat that could destroy international security and cause mass chaos if properly exploited - Cyber attacks.
Hillary Clinton, Secretary of State for the US, recently petitioned to combine efforts of the United States, China and other countries to curtail the increasing incidents of cyber attacks. Clinton cited the targets of the attacks are commercial data, intellectual property and highly classified information regarding the nation’s security. China has said it is interested in combining forces with the United States to increase IT security and reduce threats. This will be achieved by anticipating and eliminating attacks before they occur, using the following initiatives:
The Cyber Intelligence Sharing and Protection Act (CISPA)
The Cyber Intelligence Sharing and Protection Act is a law proposed in the United States, which will allow traffic information to be shared voluntarily amongst the U.S. government and certain third parties. CISPA promises to protect businesses, consumers and the government from cyber attacks.
Under CISPA, crucial information regarding the attacks can be shared among private companies or between private companies and the government. This proposed law has the key benefit of allowing the US and China to prepare for an attack; sharing critical information between both countries will be effective in thwarting further criminal activity and strengthening IT security.
Social Engineering Awareness
Social engineering is the act of manipulating individuals into sharing confidential information which wouldn’t have been disclosed otherwise. Cyber attackers frequently gather intelligence on significant individuals and use it to initiate “friendly” dialogue with them; thus obtaining sensitive data such as account information and system log-in credentials.
A recent victim of the social engineering threat was Google, in a June 2012 incident. Google disclosed the fact that unidentified hackers were responsible for “phishing” attacks to fool several hundred Gmail users into sharing their passwords. To make matters worse, senior government officials and Chinese politicians were among those targeted in the attacks—rumored to have originated from Jinan, China.
United States and Chinese intelligence can curb attacks stemming from deceitful and misleading mail by educating IT security teams on recognizing social engineering red flags and identifying the perpetrators immediately.
Joint Treaty Between the U.S. and China
A treaty between the United States and China will prove highly effective in boosting IT security between the two nations. The treaty would propose an agreement to discover and locate any known or suspected cyber criminal in any particular country. It would be instrumental in identifying and intercepting any communications among cyber attackers, while allowing foreign attackers to be extradited to the victimized country for prosecution. A treaty between both countries would boost cyber security by helping to discourage cyber attacks against each other.
The Foreign Minister of China, Yang Jiechi, met with the President of China, to discuss the urgency of working with the U.S. and other nations to boost IT security internationally. China is often blamed when cyber attacks occur or when a country’s secrets are stolen in global espionage. China is moving to become part of the solution against these unnecessary, destructive events.