I welcome news that President Biden will be meeting with business leaders next month to talk about the incredible wave of cyber attacks and ransomware attacks. What should he tell them?
First off, based on what I found in research for my book, A Grand Strategy: Countering Technology, and Restoring the Media, the president should be candid in acknowledging that U.S. IT and communications systems have been badly penetrated. American companies built very sophisticated computer systems and networks that allowed them to leverage incredible amounts of information and to make great sums of money. But they assumed that the United States had a technological lead in the world and that no nation-state would dare to subvert and penetrate these systems on such a massive scale as China and Russia have done. It’s the electronic equivalent of a Pearl Harbor. Virtually no company or government agency can be sure they have not been penetrated. The idea that “cloud computing” systems can protect secrets is flat out laughable.
After shocking the executives, the president should ask, “What will it take to stop this?”
I can imagine the faces of the business leaders. They will have gone ashen by this time. No one will dare to speak.
The president should continue. “Well, I can tell you from my perspective what it’s going to take. You are going to have to invest more in your IT systems and hire more people to monitor and protect them. That’s going to hurt your profits in the short term. We could have the SEC enact a rule that requires you to spend this money but it would be better if you decided on your own to do it.
“We’re also going to have to cooperate more with each other. We have to figure out a way for companies to report on cyber attacks to a U.S. government entity that can coordinate with other U.S. government entities. When we see attack vectors and new attack tools, we have to be able to share that information quickly and accurately.
“This could get uncomfortable because our intelligence agencies and military will have to be involved. We have to create a system that respects your rights to corporate security and privacy at the same time we create a defensive system that protects all of us. Our distinction between the public and private sectors is real, but we have to recognize that Xi Jinping has declared a “military-civil fusion,” meaning that China is a monolithic state controlled by a single party.
“And the other thing I have to tell you is that many of your systems that manage your activities in China have been penetrated by the Chinese government. We have to assume that they have leapfrogged into your global systems. This is going to force you, with our help if you request it, to verify all legitimate users. That’s going to be messy and expensive, but if we ever want to get full control of our IT systems again, that’s what it is going to take.
“And lastly, our analysis is that the Chinese are going to allow you to continue making money in China in the short term. But in the longer term, once they’ve stolen your key technologies and their companies and enterprises have introduced competitive products, they won’t need you any more. They will crash you like the PLA did to Canada’s NorTel a decade ago. They penetrated the company’s systems all the way up to the CEO level, stole their technology, stole their pricing strategies for big projects, and drove them out of business. If you want to play strategically for the long term, as the Chinese do, it’s time to overcome your pre-occupation with increasing quarterly earnings.
“Thank you, folks. I hope this is the beginning of an American rebound. The Chinese believe the West is finished. Let’s show them they’re wrong.”
