This hearing will examine China's use of standards, regulation, and censorship as a market-entry barrier. It will also examine China's use of cyber espionage to gather information for commercial purposes, including turning over U.S. intellectual property to competing Chinese state-owned enterprises. Expert witnesses will address the breach of the OPM and related hacking of federal agencies. At the hearing, the Commissioners received testimony from the following witnesses: Samm Sacks, China Analyst, Eurasia Group; Matthew Schruers, Vice President for Law & Policy, Computer & Communications Industry Association; Paul M. Tiao, Partner, Hunton & Williams; Dennis F. Poindexter, author of The Chinese Information War, Espionage, Cyberwar, Communications Control and Related Threats to United States Interests; and Jen Weedon, Manager, Threat Intelligence and Strategic Analysis, FireEye and Mandiant, Inc.
The United States faces evolving cybersecurity threats from nation-states such as China, Russia, North Korea, and Iran, as well as cyber threats from criminal organizations and terrorist groups such as ISIS. These actors continue to develop and build more sophisticated cyber capabilities. These hackers now pose an even greater threat to the U.S. homeland and critical infrastructure. Cybersecurity more than ever is National security. In 2015, the U.S. was the victim of one of the most significant cyber attacks in its history. The breach at the Office of Personnel Management exposed the personal and security clearance information of 21.5 million current and former Government employees. In 2014, North Korea conducted a cyber attack on Sony Pictures that not only destroyed computers, but also was intended to stifle free speech and threaten American ideals. The Obama administration's lack of proportional responses to these cyber attacks has signaled to the world that there are no real consequences for such actions. Without a comprehensive National cybersecurity strategy that establishes deterrence, the future could bring an increasing number of adversaries that are willing to conduct cyber attacks against the United States.
This new textbook offers an accessible introduction to the topic of cybersecurity ethics.
The book is split into three parts. Part I provides an introduction to the field of ethics, philosophy and philosophy of science, three ethical frameworks – virtue ethics, utilitarian ethics and communitarian ethics – and the notion of ethical hacking. Part II applies these frameworks to particular issues within the field of cybersecurity, including privacy rights, intellectual property and piracy, surveillance, and cyber ethics in relation to military affairs. The third part concludes by exploring current codes of ethics used in cybersecurity.
Continue reading “Cybersecurity Ethics: An Introduction”
Today's hearing is timely and very relevant. We are examining the cyber threat today that is posed by nation-states, namely China, Russia, and Iran. I focus on the nation-state aspect of this threat because it represents a new battlefield in state relationships and one in which we must prepare accordingly. There have been significant developments in the cyber domain, highlighted by the fact that the U.S. Government has finally begun to name the nation-states most responsible for cyber attacks against the United States. Tom Donilon, the President's National security adviser, outed China as the place where cyber intrusions are emanating on an unprecedented scale. The annual threat assessment by the United States intelligence community delivered to Congress-Director of National Intelligence, James Clapper, named cyber as the top threat to the United States' National security. This represents a major shift in the threat assessment by the United States intelligence community and makes our work on this committee even more important.
This hearing will continue our examination of cybersecurity and our communications infrastructure with a focus on what Internet Service Providers (ISPs) are doing to address cybersecurity, whether there are statutory or regulatory obstacles hampering their efforts, how we can encourage public-private partnerships, and how we can facilitate information sharing among private industry and between the private and public sectors.