Foreign Policy Blogs

Well, what are we going to do with those cyber baddies

cyber war

U.S. Congressman Mike Rogers chairs the House of Representatives’ panel on intelligence, which this week overwhelmingly approved a new cyber security bill designed to enhance data sharing between the government and private industry to protect computer networks and intellectual property from cyber attacks.

Yet the day before it passed, Rogers had a more novel idea on how to deal with those stealing information from U.S. firms and government entities: name names.

Rogers noted that nations like China have little for the U.S. to steal back since, to paraphrase him, they stole everything of value they have from the United States.  The one thing the U.S. could – and should do – is make public compromising communications and other materials, Rogers said.

“We are in a cyber war and we just don’t know it,” Rogers, R-Mich., said at an event on the cyber threat sponsored by the American Center for Democracy. “We had better do something now” or cyber terror will ruin the U.S. economy.

In the colloquy, the cyber policy experts offered a frank, in-depth montage about threats to the U.S., saying it is past the time to act and imperative to put someone in charge of the effort.

“We got lots of work to do,” said James Woolsey, former CIA director. “Who is in charge? No one really.”  He noted that the American dog food industry spends more on research than individual U.S. firms spend on researching the hacking problem.

The experts fretted at the stagnation by the U.S. while its enemies become more skilled, daring and determined to steal intellectual, economic and national security data across the spectrum. That said, the U.S. still can both counter and pro-actively deal with cyber threats if it seeks new ways of government-private sector, among other things, they said.

The discussions were detailed, pointed and real – and yet the idea of cyber war seems elusive to many. Blood and guts in places like Syria can be grasped yet the potential danger of a true cyber attack – greater than nuking a city – seems to generate no forceful, focused action.  U.S. security hinges greatly on cyber security, yet U.S. foreign policy has no guide points to act.

“It is very inexpensive to create a better offense than defense” in cyber security,” said former FBI Deputy Assistant Director Steven Chabinsky. “The private sector can do a lot hand in glove with the FBI, CIA, and the military and that’s not (retribution).”

The largest cyber attack in history struck during the last week in March. The theft of U.S. intellectual property and scientific innovations have already cost billions of dollars and severely damaged the U.S. economy. An 18-month study from the Pentagon’s Defense Science Board, which formed a task force to review the vulnerability of American military networks, found that during war-game exercises “red team” adversaries were able to hack into the networks with “relative ease.”

“We cannot continue to treat security as a bolt-on afterthought.” Department of Homeland Security Under Secretary for Cyber Security Mark Weatherford said.  “We are backing into a situation … like we’re in with the war on terror,” said former U.S. Attorney General Michael Mukasey. “We are (only resorting) to retaliation.”

Cyberspace has quickly become the central arena for hostile actions launched by a broad spectrum of adversaries, ranging from nation states and aligned and non-aligned terrorists and criminal groups and individuals. Cyber attacks come in many forms—denial-of-service, intellectual property theft, and disruption or manipulation of financial transactions, transportation, the electric grid and other critical infrastructure.

And not just in the U.S.  The president of Estonia, hit hard by a cyber attack from Russia, said nations must act now. “Genuine cyber security should not be seen as an additional cost, but as an enabler, guarding our entire digital way of life,” Toomas Hendrik Ilves said on Friday.

Woolsey said there are 18 critical structures in the U.S. and that 17 of them are dependent on the 18th – electricity. A cyber strike against the fragile grid would render the U.S. helpless, with a prolong loss of electricity possibly leaving 200 million American dead in a year. Yet nothing has been done to protect the grid, he said.

The experts had some ideas, but the only live action is Rogers’ bill (the Cyber Intelligence Sharing and Protection Act or CISPA); privacy advocates worry its provisions will allow companies to share consumers’ personal information with intelligence and law enforcement agencies without permission. The bill was introduced last year; the House passed the measure, but it went no further after a veto threat from President Obama.

Rogers said he expects the bill, or a version of it, to be before President Obama for signature this fall.

(Photo credit: U.S. Air Force)




Tom Squitieri

Tom Squitieri has spent more than three decades as a journalist, reporting overseas for the Lowell (Mass.) Sun, the Boston Herald and USA TODAY. He won three Overseas Press Club awards and three White House Correspondents' Association awards for his reporting from Haiti, Bosnia, and Burundi. He is a newly-elected board member of the Overseas Press Club.

In academics, Squitieri was invited to create and then teach a unique college course that combines journalism, public affairs, ethics, philosophy, current affairs and war zone survival skills into a practical application to broaden thinking and day-to-day success. The class "Your 15 Minutes: Navigating the Checkpoints in Life" has a waiting list each year.

Born in Pittsburgh and raised in western Pennsylvania, Squitieri has been on all seven continents and in dozens of places he intends to keep secret.