Cyberattack Culpability

The Federal government is warning States about a series of cyberattacks that have been carried out against water distribution networks, and that the primary attackers are the People’s Republic of China and Iran. EPA Administrator Michael Regan and National Security Advisor Jake Sullivan sent a letter to all of our State Governors, in which they wrote in part,

Threat actors affiliated with the Iranian Government Islamic Revolutionary Guard Corps (IRGC) have carried out malicious cyberattacks against United States critical infrastructure entities, including drinking water systems.

And

The People’s Republic of China (PRC) state-sponsored cyber group known as Volt Typhoon has compromised information technology of multiple critical infrastructure systems, including drinking water, in the United States and its territories. Volt Typhoon’s choice of targets and pattern of behavior are not consistent with traditional cyber espionage. Federal departments and agencies assess with high confidence that Volt Typhoon actors are pre-positioning themselves to disrupt critical infrastructure operations in the event of geopolitical tensions and/or military conflicts.

They added by way of emphasis,

Drinking water and wastewater systems are an attractive target for cyberattacks because they are a lifeline critical infrastructure sector but often lack the resources and technical capacity to adopt rigorous cybersecurity practices.

What particularly drew my eye in their letter, though, was this, which Regan and Sullivan also pointed out as one of the reasons for the IRGC’s choice of targets:

In many cases, even basic cybersecurity precautions—such as resetting default passwords or updating software to address known vulnerabilities—are not in place and can mean the difference between business as usual and a disruptive cyberattack.

Which brings me to my bit about culpability. [A] common type of operational technology used at water facilities where the facility had neglected to change a default manufacturer password. This has to be especially important given the number of lives that depend on reliable potable water. It’s also the case that there is no excuse whatsoever for IT types, or anyone else responsible for maintaining a computer network or any of its subnetworks, being so lazy they can’t even be bothered to do so basic a thing as changing passwords away from factory preset defaults, defaults that are, by design, widely publicized precisely so that those who’ve newly purchased such a device can gain access and change the default password to something else and thereby deny those not authorized easy access.

Thus: it’s time to start holding IT managers whose networks are penetrated because they affirmatively chose not to bother to replace default passwords with very strong passwords not just accountable, but culpable.

Current criminal negligence law centers on offenses that occur

primarily in situations involving the death of an innocent party as a result of the operation of a motor vehicle by a person who is under the influence of Drugs and Narcotics or alcohol.

The key is death of an innocent party, and that innocent party part includes all Americans using our potable water infrastructure or any other critical infrastructure: natural gas distribution, for instance, electricity distribution, heating oil pipelines, and so on. Those primary situations, though, should be easily enough modified to include the potential for death when something so central to life as access to water or to any of the other critical infrastructure deliverables is criminally disrupted. The presence or not of death should only inform the severity of the sanction, not the existence of the criminal negligence.

This criminal negligence culpability with its stern sanctions should apply to IT types responsible for subnet management as well as, not instead of, the overall IT head.

The problem extends beyond mere deaths of users of our water or other infrastructure systems. Prolonged disruption will—not can—severely and negatively impact our national security, our ability to defeat an infrastructure cyber attack or any other attacks done in concert with infrastructure disruption.

A Thought on Mexico

In the ongoing internal-to-the-US debate over whether Texas can take steps to protect itself from the flood of illegal aliens—SB4—in the absence of the Federal government’s overt action to not protect any of the States, Mexico’s President Andres Manuel Lopez Obrador said, through his Foreign Minister’s spokesman, that

[Mexico] “won’t accept, under any circumstances,” deportations by Texas.
Mexico “categorically rejects any measure that allows state or local authorities to carry out immigration control tasks, detain and return nationals or foreigners to Mexican territory[.]”

This is the Mexican government inserting itself into American domestic laws; this is Mexico rejecting the force of our laws as they apply within our nation. If Mexico were merely objecting to the impact of those laws on it, that government would not reject our laws; it would only block their enforcement within Mexico. AMLO’s foreign ministry statement does include words to the effect of that enforcement block within Mexico, but it also includes that outright dismissal of our state or local laws in their entirety.

This is unacceptable, and AMLO’s government blandishments should be ignored. If AMLO were truly serious about this, he would move to prevent aliens from entering his nation illegally, and he would prevent the flood of illegal aliens into his nation from crossing into our nation in the first place, a flood that forces States like Texas to take the actions they are taking.

A Clear Demonstration

Michigan’s Progressive-Democrat Governor Gretchen Whitmer signed, in the name of the State of Michigan, a deal with Gotion Inc, a subsidiary of Gotion High Tech Co Ltd which is headquartered in the People’s Republic of China. Gotion High Tech is not only subject to PRC national security law that requires domestic companies to provide information the intelligence community “requests” in whatever nation that information might reside, it has open and direct ties to the Chinese Communist Party. From that, Gotion Inc, the party to that Whitmer deal, has those same ties and PRC-legal obligations.

The problem is this. The Gotion-Whitmer deal is for a Gotion battery factory to be built at least in part in the Michigan township of Green Charter. Green Charter has demurred from being used for that deal, and in response, Gotion has filed suit…against Green Charter. Chuck Thelen, Gotion’s Vice President Gotion Global, North America Manufacturing Center:

It’s unfortunate that Gotion has had to resort to litigation to get the township to comply with their obligations under the agreement[.]

This, despite that Gotion’s beef is with Michigan and the Governor’s Office as the signatories of the overall agreement, which presumed to commit the Township to it. Green Charter isn’t the jurisdiction with any contractual obligations here.

It’s true enough that a prior Township board of supervisors had negotiated an agreement with Gotion, but that was done against the will of the Township residents. They ran a recall that tossed every one of those board members and installed a board amenable to the requirements of its collective bosses, those residents. That move rendered the prior agreement nonexistent.

This is a clear, dispositive demonstration, then, of the People’s Republic of China’s cultural mindset and that of Gotion’s managers. Government is in charge and subjects must obey. 一切都在國家之內,沒有什麼是國家之外的,也沒有什麼是反對國家的. Everything in the State, nothing outside the State, nothing against the State (hat tip to Benito Mussolini, who originated the maxim).

This is Why

None of the Gaza Strip is secure until all of it is secure. Israel’s IDF had to go back into Al-Shifa Hospital in Gaza City and re-clear it, months after it had done so the first time early in its response to Hamas’ war of extermination that it had begun against Israel.

Israeli military spokesman Daniel Hagari said that

senior Hamas militants had re-entered the hospital and were using it to direct attacks against Israel.

Even this time, the IDF was at pains to warn the civilians present that an operation was imminent and they should leave, and they were at equal pains to protect the patients and their doctors who could not leave.

Further,

The raid on the hospital shows how Hamas militants have, according to the Israeli military, returned to places that had already been cleared by Israeli troops in northern Gaza, posing a challenge for Israel even as its forces continue operations it says are aimed at rooting out the group in the south.

This also is an illustration of one of the outcomes stemming from the difficulty of and failure to completely destroy the terrorists’ tunnel system.

Again: none of the Gaza Strip is secure until all of it is secure, and all of Hamas is destroyed. This is why Israel must enter Rafah, and Khirbat al-Adas, and Al Qarya as Suwaydiya, and al Bayuk, and all of the rest of the area in southern Gaza Strip not yet cleared of the terrorists, even for a first time.

This is what Progressive-Democrat President Joe Biden is actively trying to prevent Israel from achieving with his constant demands for Israel to agree a ceasefire with the Hamas terrorists. Any ceasefire that eases pressure on the terrorists will only facilitate their effort and ability to regroup and refit. Hamas’ ability to regroup and refit in a previously cleared facility in Gaza City while under fire in an active war amply demonstrates this.

Biden isn’t the Only One

On the matter of the Republic of China’s ability to defeat a People’s Republic of China invasion, Progressive-Democrat President Joe Biden isn’t the only US President who’s been terrified of offending the PRC too badly. The RoC has long sought to buy offensive and long-range weapons from the US, even concluding some deals that a variety of US administrations have failed to deliver on. Instead, in the main,

[f]or more than a decade, US officials have encouraged Taiwan to invest in small, relatively cheap weapons such as shoulder-fired missiles, drones, and sea mines. The goal would be to bring a Chinese amphibious invasion force to a halt at close range with thousands of small strikes.
Such asymmetrical warfare is a favorite tactic of guerrillas and weaker nations facing big rivals.

I-Chung Lai, an ex-government foreign-affairs official, has the right of it:

The asymmetrical approach advocated by some people would put the whole of Taiwan into a meat grinder[.]

Defensive weapons optimized for asymmetrical warfare are, indeed, critical items for a small nation’s ability to defend against a large nation’s invasion.

But. But, but, but. Defense only permanently surrenders the tactical and strategic initiative and is ultimate defeat. A much better defense is a strong offense. The RoC needs those far-reaching and offensive weapons in order to have a serious chance of defeating—not merely resisting—a PRC invasion, and to do so without turning the fight into a bloody morass that bleeds the Republic dry while only injuring the invader.

The RoC desperately needs those offensive weapons as well as the defensive ones, and the Biden administration has an excellent opportunity to learn the lessons of Ukraine and of kowtowing to Putin’s threats by slow-walking and outright withholding the long-range and offensive weapons Ukraine has needed for the last 2+ years. The Biden administration needs to put an end to the pattern of multiple administrations kowtowing to the PRC’s threats and send to the RoC the long-range and offensive weapons, along with the defensive weapons, it needs actually to defeat a PRC invasion attempt.

There is legitimate concern that the RoC can’t afford both the offensive and defensive weapons, or the offensive weapons in useful numbers. That’s what lend-lease programs and outright loans are for.