Recent attacks on American critical infrastructure by Russian “cybercriminals,” including an oil pipeline, a meatpacking company, and possibly a transport provider, created inconveniences. The attacks could have been worse. What should be done to stop future attacks? What should not be done? What strategic steps might be taken? This could be Biden’s moment.
Interestingly, while Russia is implicated in these cyberattacks – shielding presumed perpetrators, possibly being complicit – a response is tricky. Here is why.
First, identifying with certainty who perpetrated a cyberattack, given “opposing barbershop mirrors” of cyber-deflection, is often difficult. State actors deflect other state or non-state actors. Non-state actors do the same. Like picking up beads of mercury with fingers or nailing Jell-O to a wall, the task is inherently hard.
Second, responding without giving away how you know who attacked and where the attack came from, so that an attacker does not correct course, deflect better, or learn “sources and methods,” is also difficult.
US Cyber Command exists to “ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries,” but the cyberworld is one of shadows, feints, and counter-feints. See United States Cyber Command.
Several years ago, a senior National Security Agency official was asked why there was no executive order saying we would hit back hard if hit.
His response was revealing – and remains relevant.
“It could be useful but dangerous because if someone knows ‘if you do this I’ll whack you in this way,’ they could pretend to be another nation-state actor.” While “attribution is hard,” it is “probably not … as hard as people think,” but “hard to do in a timely way and an actionable way,” as “it usually involves some fairly sensitive intelligence sources, and if you disclose those they won’t be there the next time.” See NO NEED FOR A STANDING ORDER ON CYBER ATTACKS.
The whole exercise is like snipers hunting snipers.
Third, any response – at law or national security – must be proportional or risk escalation. The goal should be a return signal that is focused, timely, and demonstrates attacker vulnerability to deter future attacks. By keeping the response proportional, we avoid starting a cyber war.
Finally, while much of cyberspace is hidden, the public is getting drawn into this battlespace. Official and rogue actors are widening their aperture, intentionally creating collateral damage. In short, what was government-to-government harassment and mere pilfering is affecting society.
Given these realities, what should – and should not – be done? Whatever we may know, these constraints are important. We want to deter future attacks without starting a war. A broad cyberattack risks being wrong, disproportionate, compromising intelligence, and triggering counter-attacks – which means more collateral damage.
On the other hand, a perpetrator must know we know who they are to deter future attacks, whether “non-state,” so caught and prosecuted, or “state,” so outed and internationally punished.
The best answer, in this case, depends on what we know, with what confidence, and whether we can tailor a response to hit the attacker’s point of origin – discreetly. Public reports say Biden sees these attacks as “a national security threat” and is “contemplating offensive cyber operations against hackers inside Russia,” which may be right – but must be discreet, proportional, and not trigger further escalation. See, e.g., ‘They are hair on fire’: Biden admin mulling cyber attacks against Russian hackers.
At the same time, words are cheap, sanctions often ineffective, and Biden is going to meet Russian President Putin on June 16th – whose foreign ministry said they would be sending “uncomfortable signals” before the summit.
Biden just issued an executive order reviewing federal regulations and foreshadowing compulsory information sharing between private and public sectors. That is nice but inadequate, possibly also subject to legal challenge. See Executive Order on Improving the Nation’s Cybersecurity.
The real issue is whether we are entering a new phase of international conflict, one in which harassment and pilfering get replaced by cyberattacks to shut down society – led by adversaries.
If so, how do we stop it? Nutshell: We get direct – in private – with our adversaries. We let them know we are watching and holding our cyber-fire, and that we expect them to help identify cybercriminals and cease complicity. Next, we send a cyber signal that we know what we know. Finally, we harden and modularize cyber-defenses, starting with our critical infrastructure – the necessities.
This could be Biden’s moment – probably will not be but could be. If he wanted to prevent cyberwar, turn the page, show real leadership, he could identify cyberwarfare as tantamount to nuclear – not conventional – warfare. The time is coming when similar damage could be done.
Biden could work with Republicans, US Allies, plus Russia and China, to initiate “Cyber Strategic Arms Limitation Talks” – a new idea, a Cyber-SALT regime, to anticipate and curtail cyberwarfare before this gets any worse. Just an idea.
Meantime, watch your cyber-defenses!
Improving Cybersecurity:
o Uniform goals for estd guidelines
o More Voc Tech Ed for field
o Task Force Estd for.
o Public Pvt partnerships estd.
o Hire ex hackers to combat hackers.
o Fines for hacking.
o New Legal field estd.
o Train employees?
o New codes in Law.
o ID bac hackers.
More can be done
Estd Comm on Cybersecurity & Wuhan virus
Good article. This line of action is the type that this country takes on all aspects of breaches and attacks against it. It is tough for administrators because they have to gather the facts, make assessments and recommend the action to be taken. Sometimes it is fast, other times, slow. The question is “Does this current administration have the right think tank in place to handle these situations?” I won’t hold my breath.
In my opinion, Cyberattacks are the biggest issue facing the United States this year. We must count on BIi, HSA & best computer experts we have to protect our systems from hackers. This must come directly from our Govt. & not pass off to states or companies to solve independently. Remember, how it worked out when Govt. turned over Covid19 tasks to states instead of directing all of the states to work as a unit. Is the new Trump Space Force a group that can direct this, or are they working on UFO’s? I am in the dark, as have not seen much on Space Force.
Write your representatives & give them your view on Cyberattacks. For your info, Pat Robertson of 700-club has been warning about this for a few years now. Also, if cryptocurrency is the preferred method of ransom payments — maybe America should say no to new currency that seems to benefit the bad guys.
Hidin’ Joe Biden does not have a level of mental skills and capacity to be serving as POTUS of this great Nation. Right now, the question is … who is really running the Nation and administering control at the executive level??? I pray we, as a Nation, can survive his embarrassing and disappointing incompetence and brain and related deterioration that unfortunately come to bear with old age. He is putting the Nation at risk and covering up accountability functions of Presidential functions.