9 September 2019

The United States Is Taking Action Against Cyber Foes

By Robert K. Ackerman
Source Link

The United States is now presenting cyber adversaries with a bill for their malevolent activities. Counter-cyber efforts have joined traditional defensive measures as the intelligence community confronts cybermarauders with greater detection, discovery and prevention.

Several high-ranking intelligence officials described this new tack in combating cyber threats during a panel discussion at the AFCEA/INSA Intelligence & National Security Summit on September 5. Their observations ranged from election meddling to a potential all-out cyber war.

Lt. Gen. Stephen G. Fogarty, USA, commander, U.S. Army Cyber Command, was blunt about efforts to counter Russian election meddling. “I don’t know a single event that will impede [the Russian cyber adversaries],” he declared “But we want to impose as much cost as possible. For the mid-term elections, we did persistent engagement … and we imposed costs.”


Cold war deterrence was a success; we didn’t annihilate each other with nuclear weapons. This [cyberspace] environment is different.—Lt. Gen. Stephen G. Fogarty, USA, commander, U.S. Army Cyber Command @ARCYBER #IntelSummit19

Efforts already are underway to address expected Russian information operations for the 2020 election. “In 2020, they will try to mitigate the costs we impose on them,” the general said, adding that there will be more of a two-way exchange over their efforts. “I think it is going to be pretty sporty.”

In 2020, they will try to mitigate the costs we impose on them. I think it is going to be pretty sporty.—Lt. Gen. Stephen G. Fogarty, USA, commander, U.S. Army Cyber Command @ARCYBER #IntelSummit19

Several panelists suggested the election will be vulnerable to a variety of attacks, with one panelist warning of the potential for a ransomware attack on voting lists. Tonya Ugoretz, deputy assistant director for cyber, FBI, addressed that issue directly. “Let me be unequivocal: we do not recommend paying ransom,” she stated.

Rick Howard, chief security officer, Palo Alto Networks, said, “We have to find a way, as a nation, to help cities, towns and villages to prevent [ransomware] from happening.”

We have to find a way, as a nation, to help cities, towns and villages to prevent [ransomware] from happening.—Rick Howard, chief security officer, Palo Alto Networks @PaloAltoNtwks #IntelSummit19

Ugoretz also addressed the upcoming election, saying that government agencies are working together better on the threat. “The nature of these problems requires a coming together of what have been different areas of responsibility,” she said. “Since 2016, we have built those roads and are having conversations every time. There is a level of imagination and expectation of what might be in store for 2020.”

There’s no shortage of vulnerabilities for adversaries to exploit, and that landscape is going to grow.—Tonya Ugoretz, deputy assistant director for cyber, FBI @FBI #IntelSummit19

Jeanette Manfra, assistant director for cybersecurity, DHS, discussed the big picture for cybersecurity. “We must understand vulnerabilities as well as consequences,” she pointed out, adding, “If we actually go to cyber war, we have a national response plan, but there are a lot of gaps in thinking about an emergency response plan.”

If we actually go to cyberwar, we have a national response plan, but there are a lot of gaps in thinking about an emergency response plan.—Jeanette Manfra, assistant director for cybersecurity, DHS @CISAManfra #IntelSummit19

Gen. Fogarty was not shy about U.S. actions in the age of cyber war. When asked if he could imagine the United States saying it conducts offensive cyber operations, his answer was unambiguous. “I think we should. Absolutely.”

No comments: