Compliance Management, Threat Intelligence, Government Regulations

Senators introduce bill that would flag countries, products that benefit from espionage


A group of senators has responded to the widely broadcast threat of foreign cyber espionage with the introduction of new legislation that calls for the creation of a "watch list" of countries believed to be engaging in such acts and the blocking of certain imports.

The bipartisan Deter Cyber Theft Act, introduced on Tuesday, charges James Clapper, the director of national intelligence, to prepare a list of nations believed to be participating in economic or industrial espionage against U.S. companies. He also must build a "priority" list of the countries he judges are engaging in the most "egregious" forms of digital spying, according to the proposed legislation (PDF).

In addition, he must chronicle the technologies that are being targeted by the espionage, and a list of products that are created as a result of any hijacked information. The proposed law would then require the president to bar the import of products containing this technology or ones that benefited from stolen information.

"It is time we fought back to protect American businesses and American innovation," said Sen. Carl Levin, D-Mich. He introduced the bill, along with Sens. John McCain, R-Ariz., Jay Rockefeller, D-W.Va., and Tom Coburn, R-Okla.

While not specifically named in the proposed measure, China is commonly fingered as the most glaring offender. For years, the country was suspected of launching stealthy attacks against U.S. businesses and government agencies to surreptitiously extract sensitive data.

But a comprehensive report earlier this year from security forensic firm Mandiant, which showcased the inner workings of a Chinese military unit operating out of Shanghai that is responsible for the theft of hundreds of terabytes of information from U.S. organizations, propelled the issue into the mainstream. As did a series of high-profile hacking incidents, including at The New York Times.

Just this week, the Pentagon, in its annual report (PDF) on China's military operations, for the first time accused the country of spearheading cyber espionage attacks, though it likely was referencing Mandiant's findings.

"In 2012, numerous computer systems around the world, including those owned by the U.S. government, continued to be targeted for intrusions, some of which appear to be attributable directly to the Chinese government and military," the report said. "These intrusions were focused on exfiltrating information."

Chinese officials have refuted those claims.

"We firmly oppose any groundless criticism and hype, because groundless hype and criticism will only harm bilateral efforts at cooperation and dialogue," Chinese Foreign Ministry spokeswoman Hua Chunying said, according to Reuters.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.