The country is in danger of losing a technological arms race that could result in more leaks and attacks on critical infrastructure.
Rick Orloff is vice president, chief security officer and chief privacy officer at Code42.
On the heels of Donald Trump’s inauguration, the U.S. intelligence community released a report detailing the Russian government’s efforts to interfere with the U.S. presidential election. While the report carried a lot of shock value, it wasn’t surprising. Governments have tried to alter elections outside their borders for hundreds of years, long before the internet existed. What’s new are the hacking techniques used to access the data, platforms such as WikiLeaks used to leak it, and the way we consume media in this digital age.
In a time where a major cyberattack or political leak is just part of the daily mainstream news, it’s more important than ever the U.S. is able to properly protect its “cyber borders,” government resources and critical infrastructure supporting more than 325 million Americans. There are measures in place, but the U.S. government needs sweeping changes to properly shore up its defenses.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
Currently, the Marine Corps has a cyberwarfare unit, but only a few mission teams are being used. In 2017, the Marine Corps plan is to grow its cyberwarfare units and have the entire unit fully operational by the end of the year with added capabilities in expanded future force, information operations, electronic warfare, intelligence analysis, air defense and communications. It’s a step in the right direction but more can be done.
The fact is the U.S. has so many talented sets of organizations and individuals capable of world-class intelligence gathering, yet they have been partially tied down and restricted from using all of their skill sets. To protect all physical and virtual borders, the U.S. needs to focus on a comprehensive national cybersecurity strategy that not only includes defensive tactics and tools, but also focuses on offensive capabilities, signals intelligence, global cooperation from foreign governments, and fixing its own critical infrastructure. America can learn from past mistakes, and other countries, to improve and rebuild.
A prime example of a country with good “cyber border” perimeters in place is China’s network and cyberwarfare unit, which the government acknowledged the existence of in 2015 to no one’s surprise. It’s configured like a giant corporate network with subnets and virtual networks. China is prepared to effectively unplug from the internet in the event of a cyberattack detected against the nation. It can be concluded that the country also has the ability to detect outbound attacks but chooses not to prevent or stop them.
What’s interesting about foreign governments hacking the U.S. Democratic National Committee network was the delay to detect and respond, and that it wasn’t sufficiently prioritized and resourced. Global situational awareness needs to become a top priority for the U.S. government because it allows it to make meaningful actionable decisions.
In part, the global cyber strategy should also include accountability mechanisms for hostile traffic coming from hostile governments, something Trump is looking to address in a cybersecurity executive order.
Trump’s proposed executive order is aimed at consolidating responsibility for protecting against cyberattacks and giving it to the Office of Management and Budget, not the Homeland Security Department. Right now, every government agency is responsible for protecting itself, leading to different IT practices and problems over whose jurisdiction each attack falls under. The draft of the executive order also calls for a review of the most critical U.S. cyber vulnerabilities within 60 days of the order.
Instead of internal reviews, moving forward, the U.S. might want to think about assembling a team of experts inclusive of U.S. government elements, academia and corporate America, and allow those parties to define a strategy unencumbered from political influence. At least then, the nation would have a clear view of what is truly possible. From there, it could make informed decisions, apply political considerations and solidify around a set of root problems, goals, objectives and tactics.
The reign of cyberwarfare is just beginning. As countries create and expand their cyberwarfare units, including the aforementioned Russian government, it’s more important than ever for the U.S. to secure its cyber borders and take advantage of the wealth of knowledge and talent available. If not, the country is in danger of losing a technological arms race that could result in more leaks and attacks on critical infrastructure.