What the U.S. can do now to protect against Russian cyber warfare advances

The Russians are not coming, they are here. And they’re poised for new age warfare that uses weapons of mass disruption rather than destruction. 

This goes beyond any dispute about Russia trying to sway our elections or possibly using chemical weapons on a former Russian spy in England. The U.S. government’s Computer Emergency Readiness Team released a report on March 15 detailing Russian cyber efforts that targeted “U.S. Government entities as well as organizations in the energy, nuclear, commercial facilities, water, aviation, and critical manufacturing sectors.” 

We already knew last year about some cyber intrusions, but officials cast the incident as relatively benign. The new report identifies the fox in our house as Russia, and it gives more chilling details on the widespread efforts to take over industrial control systems, the actual systems that make the infrastructure work. That possibility is what makes this scary.

Why aren’t we having a larger conversation about this? Maybe because we are not equipped to address the risks as we stumble into the future.

The same morning that report was issued, the North Texas Crime Commission’s Cyber Committee was meeting in Richardson. The leadership of the committee pointed out how woefully short we are of computer graduates in North Texas, with the number eligible for some sensitive jobs, i.e., U.S. citizens, smaller still. We end up bringing in graduates from other areas to serve our area’s needs.

But this is a bigger U.S. issue. The Bureau of Labor Statistics projects that, outside of the medical and personal care aides needed for our aging population, the highest demand for employees nationwide will be in software development and applications.

What can we do to protect our critical infrastructure beyond developing the right workforce?

1. Prevent intrusion. The U.S. government is trying several fronts, including promoting and coordinating better efforts across 16 critical infrastructure sectors. Early last year, the Department of Homeland Security set up a new critical infrastructure sub-sector, the Election Infrastructure, as it recognized the threat to our electoral systems. And critical infrastructure information-sharing organizations get strong backing from Homeland Security, which has set up an automated information sharing platform that needs strong private sector participation if it is to succeed. A cybersecurity framework of good practices, initiated under President Barack Obama, is being updated. 

2. Detect intrusion and respond. The private sector controls most of the U.S. critical infrastructure, and it must adopt a voluntary cybersecurity framework and share first-line information once a breach is detected. Our government needs to do better, too, and not just in terms of our election systems. The U.S. Defense Department itself is under massive attack, with attack sophistication rising. Although government leaders say they are prepared, independent analysis says they are not.

Even if the private sector volunteers to do better and the public sector improves its cyber posture, a determined, well-funded adversary can likely penetrate and disrupt operations. What do we do then and what can be done to deter them from even trying?

President Donald Trump’s Nuclear Posture Review, released last month, threatened responding with nuclear weapons to a devastating cyberattack “on the U.S., allied, or partner civilian population or infrastructure.” Let’s hope that is a remote possibility, as the Defense Department says. Still, elevating the U.S. Cyber Command should mean more resources for it.

We should let potential attackers know we can identify them and will act against them by threatening sanctions for cyber attacks. And we need allies on board with these actions.

3. Improve resilience. U.S. infrastructure is already in a sorry state and our recovery capacity is poor. It could take little for Russia and others to further compromise our systems. Want to keep the lights on? Consider buying your own generator. And go to ready.gov to learn more.

We cannot keep hoping for the best without preparing for the inevitable. The Russian government is not the only one with disruption capability. China may also be turning toward developing more offensive cyber abilities. North Korea was behind the WannaCry ransomware attack. Syria, Iran and even ISIS all are developing cyber capabilities. We need to do more, too.

 

This piece was originally published on Dallas News and can be read here
