News of an expanded Pentagon cybersecurity initiative, combined with daily reports of prominent hack attacks, are prompting many to consider the current status of the U.S. vulnerability to digital warfare — an effort that has the current administration racing on all fronts.
The Pentagon is readying an expanded effort to safeguard its contractors from hackers and is building a virtual “firing range” to test new technologies, according to officials familiar with the plans. The initiative responds to a recent set of cyber-attacks that have heightened concerned about the porousness of digital borders against unscrupulous parties.
Hackers have targeted corporations for some time now, with the April attack on Sony, the largest breach in history, serving as the pinnacle of these efforts. In response, Sony, along with fellow victim Epsilon supported government regulators as they sought remedies to the problem.
Now the government is working with the tech industry to develop a voluntary security program, where basic measures are identified, agreed upon and implemented. The government’s role here would be one of facilitator, offering reduced legal liability to U.S. companies in the event they are attacked, to reward their investment in the often expensive security recommendations.
But corporations are not alone in being susceptible to hacking. For governments and their agencies, the attacks seem to be escalating and forming a pattern. When Google revealed it disrupted a spear phishing campaign that succeeded in hacking prominent U.S officials, military and journalists’ Gmail accounts, they pointed to Chinese-based hackers in a national security angle.
That angle only seems to have strengthened, with recent attacks on defense contractor Lockheed Martin, the International Monetary Fund, the U.S. Senate, and the CIA. The attacks range from the specific and deliberate to those that seemed designed to humiliate and cause embarrassment.
These attacks illustrate how hackers can use mobile technology to work quickly, under the radar, and to change pace quickly — all things a government is cannot do. It is quicker and easier to develop an app than it is to develop and implement a policy, and the hackers are using this inherent edge to their advantage. The Pentagon recently revealed it is developing a protocol that could equate a certain magnitude of cybercrime as an act of war, but questions remain on how well it can fight in the battle.
So far, U.S. companies and governmental agencies are putting together piecemeal solutions, but none seem to address the underlying problems of responsiveness and agility. The U.S. military’s cyber command estimates that the Pentagon computer systems are probed by would-be assailants 250,000 times each hour. The constant assault is unrelenting and many compare it to an infestation — once infected, they never really go away.
While the government’s hands are full with the current nature of threats, the future looks cloudy, too. Experts have serious concerns about the security of the much touted cloud computing, even while realizing its cost savings potential. And, while security experts conflict on many fronts, one thing they all agree on is the “zero-day attack,” when hackers are able to exploit a vulnerability that is unknown until it is attacked, at which point it is too late.
The government’s attention to the matter is a critical first step, and nobody doubts that increased security measures will surely be a part of everyone’s future. The question is whether or not the government is able to act fast enough to forestall a major breach.