Just as swiftly, government officials—anonymously, of course—assigned the blame to China for the theft as many as 80 million personal records. That’s before there was any real evidence, and while the jury is still out among independent cyber-security experts.
So as usual, there’s a rush to judgment, even if it’s not as outright as it was with the hack of Sony Entertainment. In that case, President Barack Obama publicly blamed North Korea, despite lots of doubt among technical experts. No matter though, North Korea played its part when it came time for the president to urge stronger cyber-security laws in his State of the Union Address, laws that mean greater threats to free speech and privacy.
Why does all this matter? Because the successive waves of hacks, from Sony to Anthem and Target to Home Depot, are all refrains in a growing chorus from the government demanding more tools to fight a faceless enemy. And unlike a real war, where there have to be countries or at least terrorist groups, the enemy is literally in the ether.
When the U.S. starts blaming other countries, it can easily lead to the amping up of “cyberwar” rhetoric, according to Bruce Schneier, a security expert and the CTO of Co3 Systems. That helps government officials who are interested in more powerful and invasive online practices. Such officials find receptive ears when they name a suspect because “there’s a human need to talk about who did it and why and if you don’t know, you find someone who will tell you,” Schneier told WhoWhatWhy.
Certainly, it’s too soon to attribute the hack to China, he said.
Even though the FBI hasn’t publicly blamed China or Chinese state actors for the Anthem hack, it did so in a confidential flash alert shared with corporate cyber-security officials. The FBI described the Anthem hack as “cyber espionage” and indicated it came from “infrastructure located within China,” according to security analyst Brian Krebs.
Of course, Chinese hackers, government or otherwise, could be responsible. Like the U.S. and its Five Eyes allies, China has its own cyber-warriors. The Chinese military has a hacking group in Shanghai known as P.L.A. Unit 61398 with 190,000 soldiers (a unit first identified by a company founded by a former U.S. Air Force computer security officer). The country also has plenty of private hacking crews such as Deep Panda, which has been floated as a suspect in the Anthem hack.
Equally so, it would be expedient to blame China because that fits a pattern of what we’ve been hearing from the government and the private companies that work closely with it on cyber-security. That narrative has already begun. The story is that the Anthem hack is part of a larger campaign to steal sensitive data, which then could be exploited to compromise public officials. Here’s what Bloomberg had to say:
The attack appears to follow a pattern of thefts of medical data by foreigners seeking a pathway into the personal lives and computers of a select group—defense contractors, government workers and others, according to a U.S. government official familiar with a more than year-long investigation into the evidence of a broader campaign.
That characterization of the hack immediately puts it in the territory of a national security threat. And in the language of the government, such an event “renews calls for tougher laws.”
But remember that hacking thrives in the shadowy world between crime and espionage, a fact easily exploited by those seeking to assign or avoid blame. China’s foreign ministry noted as much when denying it had anything to do with the Anthem hack: “It is very difficult to determine the source of hacking activities, especially when it is carried out across borders.”
The Government’s Favorite Anthem
Since there is no conclusive evidence about who hacked Anthem, that caveat is worth remembering when analyzing what we’re being told. With enough evidence, it is possible to make a legitimate judgment about who is responsible.
Those who make the laws don’t wait for that kind of proof, though. One early beneficiary from the Anthem hack is that tough new cyber-security legislation President Obama wants. And he’s got bipartisan support.
On the same day the hack became public, House Committee on Homeland Security Chairman Michael McCaul released a statement calling for “aggressive action to remove legal barriers for sharing cyber threat information.” The new legislation will build on laws passed last year that increased the size of the security-industrial complex.
If that song sounds familiar, then you’ve heard the government’s favorite anthem. Again.