Information Warfare: An Emerging and Preferred Tool of the People’s Republic of China

5. Communications on all federal information systems should be encrypted.

All information that is created, maintained, transported or transmitted by the federal government should be encrypted.  The news  is replete with examples of serious information security failures.  For example, the Washington Post recently reported that the Transportation Security Agency lost a hard drive in early May of 2007 that contained the names of employees and other confidential information.¹6  Had the information been encrypted the loss would have been less serious.

Reportedly, “The FBI and the Secret Service have opened a criminal investigation into the apparent theft of a computer hard drive containing the personal, payroll and bank information of 100,000 current and former  workers of the Transportation Security Administration, including airport security officers and federal air marshals.”¹⁷ The missing hard drive did require the use of biometric authentication (such as a finger print).  But if the thief was an insider, little would prevent the thief from accessing and using information in any manner.

The need for encrypting ALL federal data becomes even more apparent when recalling an incident in which the Department of Veteran Affairs lost more than 26 million records on military personnel.  The data was apparently recovered but determining whether the information had been copied is virtually  impossible.  The Washington Post sited the following “Since 2003, 19 federal agencies have reported 788 incidents of data theft or loss, affecting thousands of employees and the public”¹⁸

Properly encrypted information and data would be extremely difficult to decipher.

6.       Any products, materials, integrated circuits, components,  programs, processes or other goods that are deemed to be crucial to national security of the United States should be manufactured exclusively in the United States without the use of foreign suppliers or materials and further should be declared ineligible for export.

Information warfare, as outlined in this paper, involves the intersection of multiple threats that can be exercised against a host of vulnerabilities.  The People’s Republic of China has been shown to conduct a very broad range of information warfare operations against American interests.  Requiring that components and products that are essential to U.S. National Security to be manufactured within the borders of the U.S. by American owned companies (with sufficiently robust information security) would help to limit the loss of high technology to our adversaries.

Countries known to be unfriendly to the United States, for example, should be kept at  arm’s length from critical advanced research and development, such as nanotechnology and photonics.  The rush to take advantage of potentially lucrative foreign markets and to use cheap outsourced labor results in our exporting sensitive technology for production and seriously increases the vulnerabilities we face.    Computers purchased for the U.S. State Department, for example, should only be manufactured in the United States (rather than purchased from a PRC manufacturer such as Lenovo) and then only under the strictest requirements.

Thousands of seemingly innocent relocations of technological processes and manufacturing gaffs have resulted in countless compromises of America’s national security.  Such losses could be curtailed.