Many companies do not even know when they have been hacked. According to Congressional testimony last week, 94 percent of companies served by the computer-security firm Mandiant were unaware that they had been victimized. And although the Securities and Exchange Commission has urged companies to reveal when they have been victims of cyberespionage, most do not. Some, including Sony, Citibank, Lockheed, Booz Allen, Google, EMC and the Nasdaq have admitted to being victims. The government-owned National Laboratories and federally funded research centers have also been penetrated.
Because it is fearful that government monitoring would be seen as a cover for illegal snooping and a violation of citizens’ privacy, the Obama administration has not even attempted to develop a proposal for spotting and stopping vast industrial espionage. It fears a negative reaction from privacy-rights and Internet-freedom advocates who do not want the government scanning Internet traffic. Others in the administration fear further damaging relations with China. Some officials also fear that standing up to China might trigger disruptive attacks on America’s vulnerable computer-controlled infrastructure.
But by failing to act, Washington is effectively fulfilling China’s research requirements while helping to put Americans out of work. Mr. Obama must confront the cyberthreat, and he does not even need any new authority from Congress to do so.
Join the conversation as a VIP Member