By John Kell and Alan Murray
September 15, 2015

If you read just one story this morning, make it David Sanger’s news analysis in the New York Times, which shows how thoroughly befuddled the U.S. government is in devising an effective response to cyber attacks from China, Russia and Iran.

 

For weeks, there have been reports that the administration was on the verge of sanctions against Chinese hackers responsible for a recent wave of intellectual theft and espionage. But action has been stymied by disagreements within the administration, both over whether acts of espionage – like the theft of 22 million personnel records from the Office of Personnel Management – should provoke sanctions, and also over the danger of sparking a diplomatic blow up with Xi Jinping before his state visit this month. Talks last week with a high-level envoy from China to the White House were “pretty ugly,” Sanger reports. But the White House appears to have dropped the idea of sanctions prior to Xi’s visit.

 

The Chinese leader, meanwhile, seems to be playing this one well, planning a stop in Seattle to meet with tech leaders before making his way to Washington, and offering new inducements for U.S. tech businesses in China.

 

At Fort Meade on Friday, the President said: “There comes a point at which we consider this a core national security threat.” But where is that point? In testimony to Congress last week, Intelligence Director James Clapper said the following:

 

“Cyber threats to U.S. national and economic security are increasing in frequency, scale, sophistication and the severity of impact. And although we must be prepared for a large, Armageddon-scaled strike that would debilitate the entire U.S. infrastructure, it is not our belief that that’s the most likely scenario. Rather our primary concern are the low to moderate level cyber attacks from a variety of sources that will continue and probably expand. This imposes increasing costs to our businesses, to U.S. competitiveness, and to national security.”

 

A host of cyber security firms are helping companies try to defend themselves from cyber attack. But business can’t fight this war alone. Ultimately, the government has to devise an effective deterrence strategy to manage the threat.

 

Enjoy the day.

 

 

 

 

 

Alan Murray
@alansmurray
alan.murray@fortune.com

SPONSORED FINANCIAL CONTENT

You May Like