El Secretario de Defensa de ese país acaba de presentar un documento de estrategia de ciberdefensa en los próximos cinco años. No encuentro menciones directas al periodismo o a medios en el texto, ni hay una sola mención a Edward Sonwden, pero hay algunos comentarios interesantes:
Ya en la introducción, asegura que fue Corea del Norte quién hackeó a la empresa Sony por la película The Interview, aunque no da ningún elemento de prueba: «in November, 2014, likely in retaliation for the planned release of a satirical film, North Korea conducted a cyberattack against Sony Pictures Entertainment, rendering thousands of Sony computers inoperable and breaching Sony’s confidential business information. In addition to the destructive nature of the attacks, North Korea stole digital copies of a number of unreleased movies, as well as thousands of documents containing sensitive data regarding celebrities, Sony employees, and Sony’s business operations. North Korea accompanied their cyberattacks with
coercion, intimidation, and the threat of terrorism. The North Korean attack on Sony was one of the most destructive cyberattacks on a U.S. entity to date. The attack further spurred an already ongoing national discussion about the
nature of the cyber threat and the need for improved cybersecurity».
* El principal peligro: «From 2013-2015, the Director of National Intelligence named the cyber threat as the number one strategic threat to the United States, placing it ahead of terrorism for the first time since the attacks of September 11, 2001».
* Los estados enemigos: «Russia and China have developed advanced cyber capabilities and strategies. Russian actors are stealthy in their cyber tradecraft and their intentions are sometimes difficult to discern. China steals
intellectual property (IP) from global businesses to benefit Chinese companies and undercut U.S. competitiveness. While Iran and North Korea have less developed cyber capabilities, they have displayed an overt level of hostile intent towards the United States and U.S. interests in cyberspace».
* Disuasión es comunicación: «Deterrence is partially a function of perception. It works by convincing a potential adversary that it will suffer unacceptable costs if it conducts an attack on the United States, and by
decreasing the likelihood that a potential adversary’s attack will succeed. The United States must be able to declare or display effective response capabilities to deter an adversary from initiating an attack; develop effective defensive capabilities to deny a potential attack from succeeding; and strengthen the overall resilience of U.S. systems to withstand a potential attack if it penetrates the United States’ defenses. In addition, the United States requires strong intelligence, forensics, and indications and warning capabilities to reduce anonymity in cyberspace and increase confidence in attribution».
* Identificar y acusar: «the United States used verifiable and attributable data to engage China about the risks posed by its economic espionage. The attribution of this data allowed the United States to express concerns regarding the impact of Chinese intellectual property theft on U.S. economic competitiveness, and the potential risks posed to strategic stability by Chinese activity. Because they broke the law and to deter China from conducting future cyber espionage, the Justice Department indicted five members of the People’s Liberation Army for stealing U.S. intellectual property to directly benefit Chinese companies. The Defense Department will support the Justice Department and other agencies in exploring new tools and capabilities to help deter such activity in cyberspace».
Es interesante que haya un «Cyber Working Group» formado en conjunto con los chinos: «The goal of this work is to reduce the risks of misperception and miscalculation that could contribute to escalation and instability». Apenas puedan, quieren hacer lo mismo con los rusos.