Topics include:
1) Google goes where the U.S. government has feared to tread,
2) Computers must take over counter-terrorism analysis.
Google goes where the U.S. government has feared to tread
In a dramatic statement posted on the company's official blog this week, Google sparked a confrontation with the Chinese government that will likely end with the company exiting the Chinese market. Google's statement all but accuses the Chinese government of "a highly sophisticated and targeted attack on our corporate infrastructure." The Chinese government has long been suspected of directly performing, or facilitating proxies to perform, a wide range of cyberwarfare activities. Google's forceful response against the Chinese government has gone further than the U.S. government, a daily large-scale victim of cyberattacks, has ever gone. The Pentagon's forthcoming Quadrennial Defense Review will likely feature discussions concerning "high-end asymmetric threats" such as cyberwarfare; but ironically it is a private company that is taking action against the Chinese government, a leading high- end asymmetric threat. Finally, Google's decision to likely abandon China could reveal a major crack in China's authoritarian model for economic growth and development.
Google stated that the attacks targeted at least 20 other large companies and the email accounts used by prominent Chinese human rights activists. The company did not directly accuse the Chinese government of these attacks, but its response indicates that it believes the Chinese government is responsible. If Google thought the culprits were lone-wolf Chinese computer hobbyists or cybercriminals, one would think that their response would have called on the Chinese government to police lawless behavior. In this case, it has obviously concluded that it is the government itself that is lawless.
Google has shown the courage to name the villain and accept the consequences for doing so. This is more than the U.S. government has ever done, in spite of many years of regular cyberattacks from China and Russia. Belatedly, and only after Google had acted, Secretary of State Hillary Clinton issued a four-sentence statement calling on the Chinese government to explain its actions.
I agree with my FP colleague Blake Hounshell that this story will have long-lasting ramifications. Google's break with the Chinese government exposes a crack in the Chinese government's model for development. Western multinational corporations are the intermediaries through which China (like the other Asian successes) has obtained access to export markets.
Google had accepted the Chinese government's terms regarding censorship. But this week, it decided that it would not be a branch of the regime's internal security apparatus, a conduit for its global cyberwarfare operations, or a victim of its theft of intellectual property. Google's management has apparently decided that such complicity would be too damaging to its reputation elsewhere in the world and that its reputation was more valuable than future profits from the Chinese market.
Google is walking away from a Chinese government whose business practices it considers out of control. This will show the way for other Western multinationals to stand up against the Chinese government's social coercion, frequent non-protection of property rights, and outright theft of intellectual property. Following Google's action, those Western firms that do business with the Chinese government will have to respond to tougher questions from their shareholders.
China's future economic growth is dependent on the health of its relationships with Western firms, especially those with high intellectual property content. Google's decision may show that China's authoritarian growth model has reached a limit. And it may show the U.S. government how to get some courage of its own to fight the cyberwar, a war that is already underway.
Computers must take over counter-terrorism analysis
National Security Advisor James Jones predicted that the White House report on the Christmas Day attempt to bomb a flight from Amsterdam to Detroit would "shock" its readers. Jones was presumably referring to the report's conclusion that U.S. counterterrorism analysts had access to all of the information they needed to prevent the suspect, Omar Farouk Abdulmutallab, from boarding the flight, but failed to search enough of the databases to which they had access and link together the information that would have revealed the threat.
Maybe what was really shocking to Jones was his discovery that the U.S. intelligence community's computer software was not performing the "data mining" for terrorism threats that he assumed it was. The "Key Findings" from the White House report stated:
"Information sharing" does not appear to have contributed to this intelligence failure; relevant all-source analysts as well as watchlisting personnel who needed this information were not prevented from accessing it.
Information technology within the CT community did not sufficiently enable the correlation of data that would have enabled analysts to highlight the relevant threat information.
There was not a comprehensive or functioning process for tracking terrorist threat reporting and actions taken such that departments and agencies are held accountable for running down all leads associated with high visibility and high priority plotting efforts undertaken by alQa'ida and its allies, in particular against the U.S. Homeland.
In a Jan. 7 interview on the PBS Newshour, former White House counterterrorism officials Richard Clarke and Juan Carlos Zarate confirmed that the U.S. intelligence community still does not have computer software that comprehensively searches and correlates data from all of the relevant U.S. government terrorism databases.
Given the flood of "dots" that arrive daily into the intelligence community's databases, computer automation is clearly the answer. The White House report recognized the hard work of the counterterrorism analysts who, the report says, have foiled many plots. But the Abdulmutallab incident shows what happens when a system relies on the endurance and judgment of an army of overworked human analysts -- the bomber eventually gets through.
A software program performing the same routine as the analysts will not be a panacea. Its parameters will require constant adjustment which will cause many to wonder whether data mining is useful. However, 9/11 and the Abdulmutallab incident show that large-scale and systematic data management is very likely the largest part of protecting the homeland from terrorism. It's been nearly nine years since the last catastrophic "connect the dots" failure. The fact that the intelligence community still is not fully cooperating on software solutions reveals an egregious management failure inside the government.
Comments
"What is wrong with the US or even Google counter-attacking?? The Chinese have stolen billions of dollars worth of software from Microsoft and others and our brave government now and under Clinton and both Bushs let them slide."
I wonder why people assume the USG is not doing the same or, given our superior skill base, much more to the Chinese government and its networks.
"Key Findings" from the White House report:
"There was not a comprehensive or functioning process for tracking terrorist threat reporting and actions taken such that departments and agencies are held accountable for running down all leads associated with high visibility and high priority plotting efforts undertaken by alQa'ida"
Robert Haddick wrote:
"Given the flood of "dots" that arrive daily into the intelligence community's databases, computer automation is clearly the answer.
...
A software program performing the same routine as the analysts will not be a panacea. Its parameters will require constant adjustment"
My response, based on 18 years R&D experience trying to automatically connect dots:
I guarantee that parameters *already* were undergoing constant adjustment.
If anybody wants to go on record, defining EXACTLY what dots, in what configurations/signatures, will constitute FUTURE "high visibility and high priority plotting efforts", I'm sure we'd all appreciate it.
Don't forget, that you will be held ACCOUNTABLE, if the next attack (whether successful or "near miss") isn't caught by your algorithm.
BTW, did I mention that the thousands of daily "high priority" false positives (false alarms) are a big problem? So even if your new datamining algorithm ensures ZERO false negatives, that will not suffice to CYA unless you simultaneously reduce all those false positives to a manageable number.
Jordan Calinoff of Foreign Policy argues that this is mostly the government getting rid of a pesky foreign competitor, Google, for the benefit of a domestic company, Baidu. Google was getting its brains beat out in China anyway so being seen as making a noble sacrifice for principle was probably the best it could hope for.
There is no nobility in being victimized by a tyrannical government, just misfortune. It is not a good sign for the future though.
<blockquote><em>"Google has shown the courage to name the villain and accept the consequences for doing so. This is more than the U.S. government has ever done..."</em></blockquote>
That may be technically correct. But, I detect a rhetorical message (found in the title). <em>"Google has more guts than the U.S. Government."</em> That is very oversimplified.
Google can "name the villain," because Google's relationship with China is far simpler than the US relationship with China. Guts has nothing to do with it.