Cyber Wars

      Cyber Wars wall.jpg

      If you think you’re worried about your passwords, online scams, or getting hacked, it may pale in comparison to the concerns of America’s businesses. By one estimate, malicious cyber activity costs the world a staggering $940 billion annually. And two countries in particular are behind the most damaging kind of attacks. Scott Thuman goes online and inside the world of tech defense.

      Inside this Boston skyscraper, a high-tech battle is underway. Lior Div is trying to stop the next cyber-attack, and the financial stakes are huge.

      Scott: How much is this costing us?

      Lior Div: It's in the billions. We're talking about multi-billions every year. The numbers becoming bigger and bigger.

      Div is an expert at this. Once part of Israel’s famed cyber unit, he is now CEO of the security firm Cybereason.

      Div: So, it’s become everybody’s problem right now. And this is something that shift dramatically, because 10 years ago, when I spoke with people, they said, "Look, I don't have money. I'm just a small company. Who is going to hack me?" If you think about it today, everybody can be hacked by a ransomware and can ask for money.

      The headline-grabbing example last year — when hackers hit the Colonial Pipeline, demanding money, resulting in the shutdown of nearly half the gasoline and jet fuel supply to the East Coast. That ransomware attack came from a group in Russia.

      Another adversary, China, prefers to go after American secrets.

      Div: If it's something that they need to manufacture, if it is something that they believe that they need to have inside the country, they're going to go after it.

      In one notable example, China reportedly stole plans for the advanced U.S. F-35 fighter jet, later unveiling its own plane, the J-31, that looks remarkably similar.

      James Lewis of the Center for International and Strategic Studies has worked cyber security for the U.S. government and the United Nations.

      Scott: You look back 10, 15, 20 years, and you say, "We had it wrong."

      James Lewis: We did. You can think in 2010 Google got hacked, and that should have been the wake-up call, that here's one of the biggest IT companies in the world, and they couldn't protect themselves from the Chinese. But it took us another five years to figure out that we were on the wrong path. The Chinese loved it.

      And, he says, kept on stealing. The U.S. government thinks between $200 billion and $600 billion in trade secrets and intellectual property every year for the last 20 years.

      Scott: What's their endgame?

      Lewis: This will sound dramatic: their endgame is to rule the world. That doesn't mean we'd all have pictures of Xi Jinping in our house, but they believe China should be setting the rules internationally. They believe China should be the dominant power in the world. They believe China should be the place where people come to buy their stuff. That's their goal.

      Lewis says neither the Russians nor Chinese are slowing down or have any reason to.

      Scott: But anybody watching an interview about this would say, "Oh, come on, the United States has got to be doing the exact same thing."

      Lewis: And that's exactly wrong. The United States does not do the same thing. We do not engage in commercial espionage. Part of it is, we think our stuff is better. Why would we steal your crummy stuff? And if you stole technology and then tried to put it on the market, someone could easily take you to court. So, it's not the same thing. And people say, "Well, NSA spies on China." Sure, they spy on the Chinese military, and they spy on the Chinese Communist Party. I'm okay with that.

      Sharyl (on-camera): Well if, as he says, the goal of the Chinese is world dominion, what do you think the goal of the Russians are?

      Scott: Well, unlike China, Russia does not appear to have a long-term strategy for stealing specific secrets, because, experts say, while they are looking for opportunities to hack big targets like election systems or power plants, they’re more focused on the financial gains that they can get from ransomware.

      Sharyl: Interesting. Thanks a lot, Scott.