US Cybersecurity Defense Must Meet Adversaries’ ‘Pace and Scale’
“Make no mistake, our adversaries want to divide us to conquer us,” warned Erin Joe, section chief of the private sector office of the FBI, noting that nation-states like Russia, North Korea, Iran, and China are deploying daily cyberattacks against the US.
Opening yesterday’s CyberSatDigital conference, Joe pointed to the National Intelligence Council’s assessment published in March that Russian President Vladimir Putin’s government had conducted a series of “influenced operations” to “[denigrate] Biden’s candidacy, [undermine] public confidence” in the elections and worsen social and political divisions among U.S. citizens.
Her remarks came just half an hour before a Senate hearing on the government’s response, prevention and recovery efforts stemming from last year’s SolarWinds cyberattack attributed to Russian’s foreign intelligence service. It just so happens that the largest cyberattack against U.S. infrastructure was also announced last week, where Russian hacking group DarkSide targeted the Colonial Pipeline, which provides fuel to more than half of the east coast, using ransomware – that is, malicious software that holds systems hostage until a ransom is paid. Nowadays, Joe added, cybercriminals don’t even need to know how to create the ransomware, they can just purchase it on the dark web.
The continuous pace of these prolific attacks, the quick evolution of creative ways in which bad actors target the US government, its private sector and subsequently its people, took the stage at Tuesday’s hearing, particularly how the U.S. government lags behind its adversaries in cyberdefense investment, cyber workforce, and development of defenses to address ever-growing cybersecurity concerns.
One thing is certain, the country must “rethink” its “cyberwarfare” approach, said Sen. Gary Peters, D-Mich., chairman of the Senate Committee on Homeland Security and Government Affairs. Ranking Member Sen. Rob Portman, R-Ohio, added that the lawmakers are now grappling with what America´s cybersecurity quarterback, the Department of Homeland Security’s Cybersecurity and Information Security Agency, needs as lawmakers draft legislation to bolster cyberdefense. It is likely, he added, that ransomware attacks are also targeting other critical infrastructure aside from the pipeline.
Echoing Peters in the reassessment of the cybersecurity approach, CISA Acting Director Brandon Wales said that the nation’s “response toolkit” needs “sustained investment” to keep “pace and scale” with the “increasingly broad” cyberthreats.
The funding would allow CISA to help local and state governments as well as private sector players, which don’t have the resources and scale to tackle these threats by deploying sensors and technology at problem sites.
The government also needs, said Wales, to “move to more secure and defensible architecture” that implements “zero-trust” – by assuming hardware or software technology cannot be trusted – as the “baseline standard for network design and configuration” across all federal systems. Key goals for the funding are increasing the government’s cybersecurity personnel, ensuring the best “cyber hygiene” practices and modernizing the infrastructure, but Wales cautioned that these all need to be advancing in tandem.
“You want to make sure your technology, your people and your processes are being modernized together, because if any one of those lag behind, you’re going to introduce weaknesses into your overall information security programs,” Wales explained. Through the 2021 National Defense Authorization Act, the agency created its Joint Cyber Planning Office for operational collaboration throughout federal agencies, which will seek to unify “cyber incident planning.”
“The cyberattacks are going to keep coming,” said Portman. The recent pipeline attacks demonstrate the “tangible real-world consequences” of such intrusions and the “demonstrable” economic and national security impact they can have. And the federal agencies, he added, need to be “empowered, resourced and held accountable for what happens at those agencies.”
