Staying on Offense for Cyberdefense

Nov 30, 2011
COMMENTARY BY
James Jay Carafano

Senior Counselor to the President and E.W. Richardson Fellow

James Jay Carafano is a leading expert in national security and foreign policy challenges.

You know the situation is desperate when debate over how to solve a big problem brings to mind the old wheeze about the weather: Everybody talks about it, but nobody …

And so it goes with cybersecurity. On this issue, Washington resembles a tribe of cavemen (and women) who, 60 years after the invention of the wheel, still gaze upon the tool and ask each other: “What next?”

To be fair, when it comes to military and intelligence applications, Washington has advanced the cybersecurity ball quite well. Our side can do cyberstuff no one in the world can defend against. The problem is, even we can’t defend against those advances. That’s a worry. If we can take the offensive, so can others.

The dangers lurking in cyberworld made headlines last week with reports of a cyber-attack on a public water utility in Springfield, Ill. Initial news accounts said foreign hackers had inserted malicious software into the pump-control system, causing it to malfunction and burn out. The Department of Homeland Security now says foreign hackers weren’t involved. But the incident as originally reported sounded quite like the cyber-attack that infected an Iranian nuclear-fuel production facility with the Stuxnet virus.

Of course, there are no “easy button” answers for cyberdefenses. The online world is one of the most dynamic environments on earth. Technology advances too rapidly to be defended by White House-appointed cyberczars manning the cyber-Maginot Line parapets. As soon as new firewalls and virus-protection programs are fielded, new malicious software and botnets assault them.

For the foreseeable future, then, the most vital work on national cybersecurity will be staying on the offensive and going after the cyber-bad-guys. Hard.

Some say it’s impossible to get to the bad guys, that it’s too difficult to determine where an attack originates because it can be routed through numerous servers and third-party computers around the world. But that argument weakens by the day. Cyberforensics and early-warning systems are being developed and fielded as fast as new threats. Moreover, analyzing Internet traffic isn’t the only way to track down bad cyber-actors. Good intelligence operations can get the information needed to unmask the bad guys.

In reality, attribution usually is a problem either because the attacks are so numerous and nuanced they’re simply not worth running down or because the perpetrators are those we don’t want to expose. (Think Russia and China. If Washington publicly admitted they’re robbing us blind online, Washington would have to do something about it.)

In the latter instances, a little cyberdeterrence can go a long way. All-out cyberwar between major actors such as China and the U.S. is unlikely because that likely would result in mutual cyberdestruction.

In addition to investing a lot in cybersecurity, Washington needs to think more broadly about cyberwar. It’s not just our electrons fighting their electrons. We must retain the capacity to go after bad cyber-actors with all the instruments of national power - economic, political, diplomatic and military power - not just software.

My Heritage Foundation colleague Paul Rosenzweig insists that we need a fully stocked cybersecurity toolbox. We should view ourselves as fighting a cyber-counterinsurgency, he says, and we need more than cyberbullets to fire back. We also must attack our cyber-enemies’ means of financial support, political cover and legal status. Treat them like enemy combatants, criminals, hacktivists and heretics all at the same time, Mr. Rosenzweig says.

The fate of WikiLeaks and its fuzzy-headed founder, Julian Assange, offers a case in point. The organization has been assaulted and spurned by all sides, from companies such as PayPal and Mastercard that cut off its services to the initiators of an armada of legal actions. WikiLeaks is on the brink of collapse.

Most important for the prosecution of good cyber-counterinsurgency: All the instruments of power have to be played as if they are in the same orchestra. That requires a strong, committed conductor.

James Jay Carafano is director of the Sarah Allison Center for Foreign Policy Studies at the Heritage Foundation.

First appeared in The Washington Times