'Hypocrisy'

“U.S. cybersecurity policy-makers are in the habit of thinking too much about those who attack us and too little about our attacks on others.”

So we are told this morning by Jack Goldsmith, a legal scholar and cybersecurity expert, on the op-ed page of The Washington Post.

For those who are unfamiliar with Mr. Goldsmith, he is a Harvard law professor who also worked for George W. Bush. In fact, he reportedly was in John Ashcroft’s hospital room when Alberto Gonzales and Andrew Card tried to pressure Mr. Ashcroft to approve the Bush administration's warrantless wiretap program.

Mr. Goldsmith’s column this morning responds to Secretary of State Hillary Clinton’s recent condemnation of Internet censorship and cyber attacks.

“The problem with Clinton’s call for accountability and norms on the global network -- a call frequently heard in policy discussions about cybersecurity -- is the enormous array of cyberattacks originating from the United States,” he says.

Aside from the widespread use of hijacked U.S.-based computers as zombies in botnets, the U.S. tolerates and even supports some forms of hacking in cases where the cyber attackers are human-rights activists or members of the U.S. intelligence or defense establishment, he asserts.

“Creating norms to curb cyber attacks is difficult enough because the attackers’ identities are hard to ascertain,” he says. “But another large hurdle is the federal government’s refusal to acknowledge more fully its many offensive cyber activities, or to propose which such activities it might clamp down on in exchange for reciprocal concessions by our adversaries.”--TL