Monday, March 31, 2014

The Missing Element in U.S. Cyber Security

By Jim McFarlin

In the global picture, the recent Target cybertheft is but a reminder that America - all of America - is under attack.

Late last year, the U.S. Navy discovered that its computer systems had been breached and its communications compromised. Not only did the Navy not know for how long the breach had been occurring, but it took them four months to rid their networks of the spyware that had been imbedded.

Whether by cybertheft, cyberterrorism, or cyberwarfare, the critical systems that generate and distribute electricity, operate our financial markets, and command our nation’s military and defense forces, to mention a few, are all targets.

And, unfortunately, this is a battle we are losing.

In September 2013, FBI Director James Comey told the Senate Homeland Security and Governmental Affairs Committee that cyberattacks were likely to eclipse terrorism as our primary domestic danger over the next decade. That’s right: cybersecurity threats to the U.S. are only going to increase.

What can be done to ensure the safety of America’s computer networks? There are a few options to consider.

The classic answer? Keep beefing up our cyber defenses, of course. But hold on a second: Target had done exactly that, investing $1.6 million in powerful new cyber monitoring software that ultimately failed to protect its customers’ personal data and credit card information. Unfortunately, Target’s cybersecurity personnel ignored alarms sent from the vendor in late November that they were most likely under assault. And we know how that ended.

Detect and deter is another approach. The National Security Agency’s cyberintelligence operations may have effective deterrent capabilities, but the problem with this solution is that we are still playing defense.

A more powerful strategy may lie in preemptive actions to deter hackers’ and terrorist groups’ capabilities to attack. The U.S. Cyber Command possesses powerful cyberattack capabilities. Marrying the NSA’s intelligence of emerging threats with the capability to launch preemptive strikes from Cyber Command could quite possibly go a long way toward disrupting many future attacks against the U.S.

But the will to take such action? This is another matter entirely, one that lies squarely in the hands of our country’s policy makers. Let’s hope they are not only learning from the breaches that have penetrated Target and the U.S. Navy, but heeding the warnings of their FBI director, too.

The security of our nation and the continuance of our way of life hang in the balance.

("Action Word" image: Stuart Miles/

No comments:

Post a Comment