Sunday, February 18, 2018

Is the US Losing the Cyber Wars?


We have just been through the most turbulent period in Internet history, and increasing threats lie ahead.

With the U.S. being the primary target it raises the question of what can be done to protect our financial institutions, power grids and military.


Clearly, we are seeing attacks on many fronts: cybercrime, cyber espionage, infrastructure intrusions, continued use of social media by terrorist organizations for recruitment, training and operations. even intrusion with our electoral processes.

America's institutions - public and private - have focused their attentions on attack detection, containment and recovery. Such defensive actions are essential but do little to deter future attacks.

Cyberattacks have progressed through four stages. The first, in the 1990's primarily involved hacking for sport or maliciousness and the conduct of illegal activities such as pornography, child trafficking and prostitution.  by the end of the 90s, online pornography was estimated to be topping $2 billion annually.

The next two phases witnessed the rise and continuing maturation of the criminal syndicates and activist groups such as Anonymous and Wikileaks. We also started to see nation states directing attacks at private corporations, such as North Korea's attack on Sony Pictures, its worldwide ransomware attack known as WannaCry affecting hundreds of thousands of computers in more then 150 countries, and Iran's DDOS attacks against NY banks.

The current phases involves nation state v. nation state, examples being Russia's interruption of Ukraine's power grid and interference with Brexit voting and elections in the US and other western democracies.

With the fourth phase attacks being instruments of exerting national power, different methods of response would be expected. Instead, the US continues to rely on sanctions, expelling of diplomats, and in the most recent case, indictments against Russian nationals accused of interference with the 2016 US national elections.

Clearly, continuing to respond to geopolitical attacks with methods used for criminals is unsuited and ineffective.

The time has come for the US to step beyond its defense orientation and out of synch responses and adopt a posture of 'active defenses' such as being used by the UK as a means to deter future attacks.

Without such a change in thinking, attacks on the US will continue their escalation in frequency and severity.