Wrote another short piece for TheCipherBrief on Obama’s expulsion of Russian intelligence officers. Obama’s response did three things: contained the crisis in intelligence channels, gave the Russians a familiar path to limit the damage, and made a point about cyber norms.
Indeed, this is the third time he’s taken action or inaction to create norms for behavior in Cyberspace.
- First, by indicting Chinese hackers from Unit 61398 and then pressing Xi Jingping to accept that governments don’t hack for commercial advantage.
- Second, by expressing outrage but not retaliating when China broke into the poorly protected trove of data at the Office of Personnel Management, he established that espionage is OK.
- Third, by expelling military intelligence officers (behind the hackers called “FancyBear”) and civilian intelligence officers (behind the hackers known as “CozyBear”), he’s tried to establish another norm: governments don’t hack for political advantage.
With elections next year in Germany and France, we’ll see if Obama’s third norm can stick.
For cut and pasters, the full article is at: https://www.thecipherbrief.com/article/exclusive/north-america/watching-cybernorms-get-made-1092