- Dave Weinstein says the recent cyber-arrests and Chinese indictments signal a new era
- Federal law enforcement agencies and governments have redefined what crosses the line
- The Blackshades raid spanned 19 countries and required robust global information sharing
It's been a busy few days in the world of cybercrime.
Late last week, we learned that cooperation between the Federal Bureau of Investigation and overseas police agencies led to the dissection of the amorphous network behind Blackshades -- the tool that allows hackers to remotely access an unwitting user's computer to steal sensitive files, log passwords, and capture webcam images.
Law enforcement authorities from the U.S. to Germany to the Netherlands appeared on the doorsteps of suspected hackers with links to the malicious software, eventually arresting 90 people and gathering hoards of evidence along the way.
Then, on Monday, U.S. Attorney General Eric Holder released an indictment for five Chinese nationals on charges of corporate cybertheft. In a statement, FBI Director James B. Comey accused the Chinese government of committing "cyber espionage to obtain economic advantage for its state-owned industries."
The 31-count cybertheft indictment is the first of its kind to level penalties on a state actor -- in this case five members of the People's Liberation Army -- for allegedly pilfering intellectual property from six U.S. companies. Predictably, China's Foreign Ministry was quick to rebuke the charges as "fabricated" and a violation "of basic norms of international relations." As if it had been pre-written, the scripted statement then touted China's record as a "staunch defender of cybersecurity."
Practically speaking, the arrest of 90 semi-amateur hackers is hardly a decisive blow to global cybercrime and the Justice Department's indictment is little more than a legal show of force. After all, the Blackshades network pales in comparison to other high-dealing cybercrime rings and China has already dismissed the allegations as "fictitious and absurd," so don't expect extradition proceedings anytime soon.
But the Blackshades arrests and the DOJ allegations against China, although modest, are hardly trivial. The indictment marks the most flagrant expression of the United States' growing intolerance for corporate cybertheft to date.
It also communicates to China and the rest of the world the degree to which such behavior directly threatens America's interests, perhaps even in a manner commensurate with more conventional threats like terrorism and WMD proliferation.
More than signaling intolerance for cybercrime, both cases have revealed domestic and foreign law enforcement's steady maturation in this space. The international Blackshades raid, which spanned 19 countries, required robust information sharing channels and cross-border operational coordination.
On the surface, such partnerships seem routine given that the U.S. regularly partners with foreign law enforcement on drug, terrorism, and financial crimes. But unlike other criminal disciplines, there are no universally-recognized charters governing international norms for cybercrime, and most countries' justice systems are at drastically different stages of development in this nascent legal field.
The Feds and their international counterparts deserve a solid pat on the back for this one, but the progress will quickly retreat if the events of the past week don't trigger a more enduring dialogue on international norms for cybercrime.
Now more than ever, the line in the sand is clear. On one side is traditional espionage, a practice governed by hundreds of years of international norms that has recently spilled over from sea, air and land into cyberspace. It is a basic function of intelligence.
On the other side, is corporate cybertheft, a new phenomenon in which the anonymity of cyberspace affords the thief an enormous advantage over the victim -- especially when the thief is a government and the victim is a business.
Quite simply, corporate cybertheft crosses the line because, in today's ultra-competitive geopolitical landscape, it threatens the delicate balance of power between states. Yes, states spy in cyberspace to protect themselves from threats. But the goal of corporate cybertheft is to fundamentally revise the balance of power -- and self-respecting nations simply can't tolerate such behavior.
In unprecedented fashion, the faces of five officers from the previously disclosed 61398 Unit of the Chinese People's Liberation Army now appear on a "Wanted by the FBI" poster, a striking suggestion that perhaps prosecuting cybercrime shouldn't differ all that much from prosecuting other crimes.
Not too long ago, the overt portrayal of individuals otherwise known only by their virtual aliases would have been met by fierce opposition from those fearing diplomatic retribution. Despite China's rhetoric and the summoning of the American Ambassador to China Max Baucus Monday night, the U.S. need not fear retribution.
But now that we've crossed the Rubicon with this indictment, it's apparent that dealing with cybercrime is more than just a "name and shame" game.
If, instead, the five Chinese officers marched into Westinghouse's headquarters, pulled out a gun and stole next year's product development plans, nobody would debate whether or not they crossed the line.
Cyberspace doesn't afford criminals any more latitude than the physical world, but it does increase the burden of proof on the accusing party -- so hopefully Attorney General Eric Holder did his homework.