'Hacked by China? Hack them back!' rages US Congress report

A report laid before the US Congress yesterday encouraged lawmakers to allow American companies responding to Chinese miscreants pilfering their data to hack those companies back to save their info.

The US-China Economic and Security Review Commission was established by Congress "to report on the national security implications of the bilateral trade and economic relationship between the United States and the People's Republic of China." It delivered its annual report yesterday.

This year, the commission offered "a detailed look into China's space and counterspace" programmes, as well as offering an overview on commercial cybersnooping coming from the People's Republic. This is despite a cyber peace-deal announced between the two nations earlier this year.

Advocating a tit-for-tat approach to China-related foreign policy, the commission encouraged Congress to consider making laws "conditioning the provision of market access to Chinese investors in the United States on a reciprocal, sector-by-sector basis to provide a level playing field for US investors in China."

These difficulties were particular marked in the information and communications technology sector, suggested the commission, which noted that Beijing is currently considering "a requirement that US technology companies and their customers turn over source code, encryption software, and create backdoor entry points into otherwise secure networks."

The report additionally alleged that the People's Republic discriminates against foreign investors, and has "abusive legal or administrative processes" that particularly favour "indigenous companies over US firms" while "refusing to protect the intellectual property of US companies from piracy and counterfeiting". It encouraged Congress to have a nosey into whether such practices chime with the nation's World Trade Organisation commitments.

For these reasons we believe it is important for Congress to assess whether US-based companies that have been hacked should be allowed to engage in counterintrusions for the purpose of recovering, erasing, or altering stolen data in offending computer networks.

Congress was also encouraged to "study the feasibility of a foreign intelligence cyber court" which The Register understands would hear the complaints of cyber victims before cyber deciding whether the cyber-government would undertake any counter-cyberintrusions on a cybervictim's cyberbehalf. Cyber. ®