Shostack + Friends Blog Archive


Dear FBI, Who Lost $1Billion?

In a widely discussed op-ed, Richard Clarke wrote:

It’s not hard to imagine what happens when an American company pays for research and a Chinese firm gets the results free; it destroys our competitive edge. Shawn Henry, who retired last Friday as the executive assistant director of the F.B.I. (and its lead agent on cybercrime), told Congress last week of an American company that had all of its data from a 10-year, $1 billion research program copied by hackers in one night. Gen. Keith B. Alexander, head of the military’s Cyber Command, called the continuing, rampant cybertheft “the greatest transfer of wealth in history.”

I’d like to ask a few questions. Actually, just one. Please let us know the case you’re discussing. This is a major crime. The FBI doesn’t report “we had a bank robbery at some Seattle bank last week,” they say which bank at which address. Further, assuming that this is a public company (because few private companies could sustain such investments), then the SEC requires disclosure. Now, you might claim that the company disclosed a billion dollar loss, in which case, Mr. Henry could name names. You might say that the company disclosed a billion dollar loss and no one cared, but I would be forced to question your credibility. You might also say that the company disclosed and no one noticed, because their lawyers were so clever in their drafting, but that would be tantamount to accusing them of deceptive reporting, and the FBI should be investigating if their CEO belonged in jail.

There is, of course, an alternate hypothesis, which is that this is a class of accounting that I’ll call 911 accounting. If you’ll recall the early 1990s, Knight Lightning was accused of receiving stolen property valued at $79,449. It later came out that the documents were available for sale for $13.

So there are three possibilities:

  1. The company is privately held (and is able to invest a billion dollars over 10 years)
  2. The company is public (and was required to inform its shareholders)
  3. Mr Henry, or the people who provided him the information, is playing fast and loose with the numbers

Thoughts on relative probability, or other elements of how to parse that claim, are welcome.

6 comments on "Dear FBI, Who Lost $1Billion?"

  • Jack Daniel says:

    I tend to be skeptical about these kinds of amazing claims, and this one sounds particularly suspect. I bet that if pushed this would quickly be hidden behind a “if we told you, we’ll have to kill you” kind of “national security” claim because the company in question is government supplier. And yes, I’m skeptical of those claims, too. If true, the customer deserves to know- and as taxpayers, we are the customers. If we go out on a limb and believe the numbers, a ten-year, $1 billion research program sounds a lot like a government contract deal, doesn’t it? (It also sounds like nonsense, but I will admit I am often unable to tell the two apart).

  • Adam says:

    I don’t dispute your claim of what would likely happen, but the claim is bunk.

    The Chinese know what company is involved from those specifics so there’s no need to keep it secret from them.

    If it’s a government contract, then there’s a requirement to tell some congressional oversight committee that their billion taxpayer dollars just went out the door.

  • Richard Clarke clearly has no fear that he will have to endure the level of fact checking that Mike Daisey did.

  • To the skeptics: it’s real, there’s no incentive for anyone to report it, and it could be interpreted by the lawyers at a mega-corporation to not be “material” and therefore not reportable. That’s how this stuff works, unfortunately. So, all three of your positions are probably not true.

  • Adam says:

    Me, I always thought that skepticism required something more than an assertion to overcome, But apparently in the land of the APT, all anyone needs to overcome their skepticism is someone claiming to be Rich.

    Glad I don’t live there.

  • Timmay says:

    Or Clarke is just *still* full of shit. Occam’s Razor.

Comments are closed.