Rising global tensions put us a few lines of code away from a significant cyber event
Reflecting on the threats and targets that we are most concerned with given the Russia-Ukraine war, cybersecurity is now the front line of our country’s wellbeing. Cyber threats endanger businesses and individuals — they can affect supply chains, cause power grid failures, and much more.
This growing environment of risks and increasingly aggressive adversaries demand our readiness, yet our national response continues to be largely reactive to threat conditions. History shows how a small event built on daisy-chained circumstances can kick off a catastrophe, or even a shooting war.
As the war in Ukraine endures and as countries around the world align, a rising threat emerges from Russian sources, adversarial states, unscrupulous opportunists, and a shadow world of 5th column provocateurs. An 800% increase in activities was observed in the first 48 hours of the invasion alone, and scanning and probes on domestic network infrastructures are reaching historic highs.
Cyber vs kinetic warfare
This is a heightened condition of hostilities that will continue and extend beyond physical engagements. We must confront the fact that globally sourced cyberattacks are the essence of modern warfare. It is simpler, cheaper, and more impactful to run a cyberattack campaign than a traditional kinetic act of war.
Cyberattack campaigns make strategic military sense since they are designed to impact communications, impact energy, cripple a population, military readiness, or make any number of dire situations worse. This is why we see intelligence agencies either directly or indirectly involved in cyberwarfare.
As Russia becomes more isolated from the rest of the world, it is believed that even in the aftermath of current conflicts its leaders, intelligence agencies, and even rogue groups of unemployed hackers will be more apt to deploy cyberattacks, either in retaliation or simply for monetary gain.
China has targeted the United States for decades and they have done so on every possible front. From the military, to business, to finance, to the global race for resources, China has leveraged every possible point using tools such as political influence, market manipulation, cyber intrusions, partnerships, and military threat.
Throughout the industry, we can track countless advanced attacks and backdoors to their efforts. In the crosshairs of this force are state departments, contractors, and any organization it can hook itself into. In many cases, their aim is a lot more everlasting, as it is industrial espionage and the theft of intellectual property in addition to ransoms.
We are in a position where even a minor escalation of cyberattack characteristics could cripple this nation and cause massive impacts on life and property. Our response positioning must equal and exceed the specter of the overall threats, and our readiness must be comprehensive.
In addition to the ongoing Congressional efforts to improve our national cybersecurity, we must add the following tasks to the national cybersecurity mission:
- Fix the damage. We must put a priority on funding new security initiatives, with an emphasis on new technologies, the growth of intelligent protection, and services that can augment the baseline of overall security posture.
- Training a nation Quality training systems must be made readily available that address modern kill-chain awareness, attack simulations, and advanced countermeasure techniques.
- Greater collaboration We must expand the efforts of the Cybersecurity and Infrastructure Security Agency (CISA) to work with the community beyond early warning systems, and to help model comprehensive cybersecurity protection systems by leveraging technologies and services.
- Pursue criminal activities We must continue to bring cases of cyber theft, cyberespionage, and cyberattack to the point of grand jury indictment. We need these cases as assets in defending our digital sovereignty, even when they will not result in fines or jail time.
Building a secure digital future is an essential task that demands success, and it should be one of our core missions as a nation. We must take measures to improve cybersecurity through increased knowledge, better technologies, and tactics that are built for the modern range of cyberthreat conditions.
From mobile endpoints to applications, to identity, and onward to the cloud and infrastructure combined, safeguarding critical assets is a comprehensive task that requires the highest possible prioritization. The recent history of cyber-driven disruptions to critical services thus far has only been indicative of warnings of what could happen.
We must face the threat that we are only a few lines of code away from a very significant event. Our readiness must improve immediately.