The U.S. government took legal aim at five officers of the Chinese military on May 19, alleging that they were attacking American companies. The move is unique as it marks the first time the United States has ever tried to sue another country for hacking.
During a press conference yesterday, U.S. Attorney General Eric Holder noted that legal indictment is not likely the last legal action the government will be taking to protect American companies either. So where will Holder turn his focus next?
The recent Verizon 2014 Data Breach Investigations Report (DBIR) found that 49 percent of threat actors involved in cyber-espionage were coming from Eastern Asia. As such, it makes sense that the U.S. government would take aim at China first.
China isn’t the only threat actor taking aim at the United States, though. According to the Verizon 2014 DBIR, 21 percent of cyber-espionage came from threat actors in Eastern Europe. That’s likely the place where the long arm of U.S. law is likely to look next.
George Kurtz, CEO of security specialist CrowdStrike, told eWEEK that his firm is seeing a lot of activity in Russia. “There is a lot of expertise within Russia,” Kurtz said. “That’s probably a good place to start, as well.”
In recent weeks, Russian President Vladimir Putin has more closely aligned himself with China as tensions with the West have escalated over the crisis in Ukraine, Kurtz said.
“In my opinion, the Russians actually build the best tools and technology that is out there for hacking,” Kurtz said. “The Chinese happen to be pretty persistent, but based on what we see based specifically in the energy sector, we should look at attackers in Russia.”
In my view, given the current condition of diplomatic affairs between Washington and Moscow, adding on claims of state-sponsored hacking of U.S. companies would only further deteriorate relations. Putin is now pledging to remove Russian armed forces from the Ukrainian border, which is a move that the United States and its allies are closely watching. To further antagonize Putin now with charges of state-backed hacking might not be the best idea.
Then again, if the Department of Justice can make a case against Russia, it should do so. During Holder’s press conference yesterday, he noted that his department is focused on protecting American companies from criminal activities.
“When a foreign nation uses military or intelligence tools and resources against corporations to obtain trade secrets or sensitive business information for the benefit of state-owned companies, we must say, enough is enough,” Holder said.
From a practical perspective, though, whether Russia is the next nation served with a hacking indictment might not matter all that much. The likelihood of the United States being able to actually conduct legal proceedings against nation-state-backed hackers is low. The point of the legal action, however, isn’t just about bringing people to justice; it’s also about letting American companies know that the U.S. government is on their side.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.