WASHINGTON – After years of relentless attacks from state-sponsored hackers, the U.S. is toughening its stance in the cyberfight against Russia, China and other nations.
Critics have long charged that America’s response has fallen woefully short as adversaries targeted U.S. national security networks, government agencies and voting systems.
But under a series of new measures, U.S. officials are touting a more muscular approach — including a greater willingness to launch offensive cyberoperations.
President Donald Trump recently revoked his predecessor Barack Obama’s rules requiring high-level authority for big military cyberoperations, and national security adviser John Bolton warned that any country conducting cyberattacks could face an offensive response.
Then on Thursday, Defense Secretary Jim Mattis said the U.S. is making its cybercapabilities available to NATO, warning Moscow it must “pay the piper” after the Netherlands revealed an alleged plot by Russia’s GRU military intelligence agency to hack the Organization for the Prohibition of Chemical Weapons.
Coincidentally, the U.S. on Thursday indicted seven GRU agents as part of a joint crackdown with Western allies on a series of major hacking plots attributed to Moscow.
Mattis said an international response to hacking attacks would not necessarily be a tit-for-tat cyberoffensive, but told Moscow it will “have to be held to account.”
RAND Corp. intel and cyberexpert Cortney Weinbaum said that in today’s modern threat environment, kinetic weapons alone are no longer sufficient.
She said she interpreted Mattis’s comments “as meaning that the U.S. will offer all of our warfare capabilities, which now include cyber, to defend the NATO alliance members.”
“This pledge will hopefully have a deterrent effect to prevent such a scenario from occurring,” she added.
Other experts also approved of the move.
“NATO needs to ensure it has the requisite tools, capabilities and strategies in place to match the current threat environment,” said Frank Cilluffo, who directs the McCrary Institute for Cyber & Critical Infrastructure at Auburn University.
Still, the Pentagon is playing catchup as it bolsters its capabilities, having for years underinvested in talent that all too often is swiped up by the well-paying private sector.
“A great deal of the department’s cyberreadiness issues revolve around the shortage of skilled cybercapable personnel,” Sen. Mike Rounds, who heads a Senate cybersecurity subcommittee, said last week.
“The current recruitment, pay, retention, and career pathway structures in place are not equipped to manage this problem.”
Last month, the Pentagon released a revamped cyberstrategy that states it will conduct cyberspace operations to collect intelligence and prepare military cybercapabilities to be used in the event of crisis or conflict.
The report blasted Russia and China for what it called their continued interference.
“We will defend forward to disrupt or halt malicious cyber activity at its source, including activity that falls below the level of armed conflict,” the strategy states.
According to a report in Bloomberg News on Thursday, tiny chips inserted in U.S. computer equipment manufactured in China were used as part of a vast effort by Beijing to steal U.S. technology secrets.
The chips, the size of a grain of rice, were reportedly used on equipment made for Amazon, which first alerted U.S. authorities, as well as Apple and possibly for other companies and government agencies including the military.
The U.S. has not said much about the types offensive cyberoperations it has pulled off in the past, though it has acknowledged attacking Islamic State group networks.
But “if you look at what the Russians are doing, figure that we can probably do that stuff too — whether we would is another question,” said expert Martin Libicki, a professor at the U.S. Naval Academy.
“U.S. operational security is pretty good. We may well be doing things that others have not discovered,” he said.
IN FIVE EASY PIECES WITH TAKE 5