In 2012, Dr. Lamont Colucci was approached by U.S. News and World Report to write a weekly column on foreign policy and national security. This is under the aegis of World Report – Insights, perspectives, and commentary on foreign affairs. View the article on USNews.com
When Americans think of the damage caused by espionage, they think of Benedict Arnold at West Point, or the communist Rosenberg spy ring that handed secrets of the atomic bomb to the Soviet Union. These cases are dramatic as they are damaging. But one overlooked area of espionage by the media, and even politicians, is economic and industrial espionage.
That may be changing. On April 1, President Barack Obama signed an executive order, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities” This would allow the United States government, through the secretary of the treasury (in consultation with the attorney general and secretary of state) to apply sanctions to individuals or groups that engage in economic espionage. President Obama’s benchmark threats are those that “create a significant threat to U.S. national security, foreign policy, or economic health or financial stability of the United States.” Although this is a long overdue step in the right direction, it may again reflect the Obama administration’s instinct to take the minimalist path of least resistance.
The majority of the criticism seems to come from quarters that believe the Obama administration may use the law to prosecute individuals involved in cybersecurity research, thus creating a chilling effect in an area that many consider to be an American national security weakness. Theoretically, the U.S. government could go after American cybersecurity analysts who are using “malicious” techniques to create defenses.
But that critique misses the greater problem with the order: its understanding and magnitude.
Economic espionage encompasses everything from stealing to altering to destroying intellectual property or other trade secrets. This can be anything from machine blueprints to software applications to private employee information to chemical formulas. And while defense contractors and military technology top the looting list, everything is fair game: civilian aviation, gaming software, agricultural seeds, pharmaceuticals or car brakes. Naturally Silicon Valley and corporations such as Microsoft, Google, Apple, HP, Oracle are top targets. And while the good, old-fashioned spy work of using human intelligence assets and dealing with physical documents is still a reality, foreign agents can now also work remotely, through cyberattacks, malware, viruses and other forms of hacking.
The cost to the American economy and American jobs is staggering. One 2009 estimate pegged it at $50 billion but BlackOps Partners Corporation, a firm that handles cyber-counterintelligence for Fortune 500 companies, estimated in 2013 that the cost was $500 billion from U.S. companies annually. The large attacks have James Bond-like codenames such as Red October, Flame, Operation Aurora and the Elderwood Project and the attackers have similarly exotic names: Unit 61398, for example, and Energetic Bear.
Those last two are not lone computer geeks operating out of their parents’ basements. Unit 61398 is part of China’s People’s Liberation Army while Energetic Bear is widely believed to be supported by Russia. Notice that these are not Russian and Chinese corporations but the governments themselves (indeed, they are the two biggest cyberadversaries of the U.S.). A 2013 report by the cybersecurity firm Mandiant estimated that Unit 61398 had hacked into 141 companies. Similarly a 2014 report by the firm CrowdStrike said that the Russian government had penetrated hundreds of American, European and Asian companies, stealing valuable intellectual property.
So this is not merely a new iteration of the chocolate espionage wars between Mars and Nestle, or the cola conflict between the formulas for Coke and Pepsi. These are state actors of the two greatest power threats to United States interests using their intelligence arms to attack U.S. corporations. This is not a case for the attorney general and secretary of the treasury to impose sanctions. This is warfare, and it should be treated as such.
If the Obama administration is serious in declaring a “national emergency” as his executive order declares, then it should be backed up by the teeth of a full-fledged counter offensive, and if dire enough, the United States should choose to use any tool of state power to counter it. If not, the United States will lose its edge in innovation, technology and creativity, which will not only hurt American corporations, but the millions of Americans who rely on these companies for jobs.