When the Secretary of State says: "Please Stop Hacking Us…"

Presented at DEF CON 23 (2015), Aug. 7, 2015, 4 p.m. (30 minutes).

Senior American officials routinely hold dialogues with foreign officials to discuss cyber espionage. However, if a cyber attack can be performed through proxy servers jumping several countries before reaching the U.S., then can anyone ever be sure of who is really behind the attack? Yet we often see newspaper headlines clearly identifying that one country is hacking another country through state-sponsored, cyber criminal, or hacktivist means. Even if government cyber analysts with TS/SCI security clearances have high confidence in the identity of an attacker based on forensics and human intelligence, what are the challenges in effectively addressing the topic in a diplomatic or military dialogue with the attacker country?

Two major roadblocks in cyber diplomacy are the "attribution problem" and the related "disclosure dilemma." If there is indeed an attribution problem--when a country cannot be sure which other state is hacking it because a third country could be using it as a proxy--then a country could never accuse another country of state-sponsored cyber attacks. Yet, countries routinely accuse others of cyber attacks, the public sees this in newspapers almost every day, and it is often an important topic in bilateral dialogues. Furthermore, the disclosure dilemma occurs when a country has both incentives and disincentives to disclose details on how it was hacked. On the one hand, evidence will prove its case, but on the other hand, evidence will make the attacker more savvy and careful not to repeat the same mistakes next time. Disclosure could create a stronger adversary. These are major concerns in the practice of cyber diplomacy today.

My presentation identifies how government-to-government cyber diplomacy works, examines the attribution problem and disclosure dilemma more fully, and shows how the U.S. approaches this topic differently with partners versus potential adversaries. This is not a technical presentation, but rather it is a policy presentation on cyber diplomacy drawing from political science and my diplomatic experience.


Presenters:

  • David An - Former U.S. State Department
    David was a tenured U.S. diplomat before leaving the U.S. government to consult for the private sector, and to write policy and academic papers. At the State Department, he was the senior political-military affairs officer covering the East Asia region and his responsibilities included coordinating diplomatic dialogues, formulating plans with the Pentagon, notifying Congress of U.S. arms sales, writing the Secretary of State’s talking points, and traveling overseas with the Secretary of State and Secretary of Defense for bilateral dialogues. His other assignments included the U.S. embassies in Beijing, Tokyo, Wellington; U.S. consulates in Sydney and Perth; American Institute in Taiwan; and U.S. Pacific Command. He completed his B.A. at UC Berkeley; M.A. in international affairs and business management, and political science Ph.D. courses at UC San Diego. Obligatory disclaimer: The comments are his own, and do not represent the U.S. government. Since Jeff Moss famously said in 2013: “Feds, we need some time apart,” David emphasizes that he is no longer a fed.
