Go it Alone in Cyber Security

Thousands of files are stolen from the Pentagon. Major oil companies have gigabytes of internal information taken. Cyber operators believed to be from Russia and China have even penetrated the U.S. power grid, and probably left programming behind that could shut down the electric grid. These examples alone should prove that cyber security is an issue of paramount concern for the U.S. While international cooperation may be of some use, the most effective way to contain this problem is to treat it as a national security issue.  

“Cyber-attack” is really a misnomer, since almost all of these operations are not offensive with the intent of causing direct damage to the nation or company. A more accurate term is “cyber-espionage,” since the ultimate goal of the state or non-state actors is almost always to obtain information. This also helps explain why a diplomatic, multi-nation solution will never occur.

Cyber-espionage is in the end a form of intelligence gathering, and almost every nation in the world is involved in it, not just the CIA and MI6. The French are notorious as industrial spies, stealing secrets from allies. China is infamous for its attempts to obtain U.S. military secrets, with some of its more notorious spies being naturalized U.S. citizens. In fact, most of the world’s governments and many non-state actors are believed to be collecting intelligence from within the U.S.

China is perhaps the most obvious example of one country using its cyber capabilities to obtain intelligence. The number of cyber-espionage operations believed to have been committed by the PRC is pretty astounding, and the PRC has the funding and interest in the cyber world to back up this claim. Despite this, China continues to deny that it is involved in this type of espionage. The most obvious reason for this is that no one can be 100% sure of its involvement. The use of complicated software and proxy servers means that it is impossible to simply trace a hack back to an individual computer in a Chinese military base. The U.S. and others are not going to risk alienating a very important nation over stolen files that they cannot prove were taken by the PRC.

International cooperation, no matter how well intentioned, could only ever be a small part of the solution. The most obvious example might be in combating non-state actors. The reason is that each state has a vested interest in not letting non-state actors (terrorists, militias, etc.) have a capability to harm them. The problem, however, is the same as in intelligence sharing: one does not know where the level of information shared ends.

If one country finds a hole in security that someone else has been exploiting, what would stop them from protecting themselves and then using this hole in security for their own purposes? Other than the PRC, numerous nations, including France and Russia, also have impressive cyber capabilities, and their documented history of espionage should make it clear that they are most likely willing to use cyber espionage against the U.S. as well.

The solution lies in improving the capabilities of the U.S. national security apparatus to prevent and defeat attempts at penetrating public and private networks. This is a very general statement, and the truth is that no one is completely sure how this can be done.

A good place to start, however, may be looking across the pond. In 2010, the United Kingdom opened its Cyber Security Operations Centre (CSOC), a multi-agency organization working within GCHQ (the UK equivalent to the National Security Agency). Its goal is to coordinate efforts in order to find and neutralize threats and better prepare for future cyber operations.

In the U.S., the military’s cyber command, the NSA, the Department of Homeland Security, and the FBI are all working on cyber operations. While there are no public results from CSOC to determine if this effort at cooperation in the UK has been successful, perhaps the U.S. should consider a similar path in order to combine the information and methods used to protect military, public, and private computer networks. While international cooperation is ideal, the U.S. cannot simply place all her trust in foreign nations with a history of spying, and must take measures to defend her cyberspace from friend and foe alike.
