The United States is at a crossroads with cybersecurity. The threat of cyberterrorism from both state and non-state actors is very real, yet the U.S. has been painfully slow when it comes to digital safeguards. The government’s past failures to secure its assets is problematic, especially with the approaching midterm elections, and only deliberate action in both the public and private sectors can offer a real solution.
The Current Track Record
In just the past decade, hackers and state actors have managed to breach American servers and cause varying degrees of mayhem to U.S. interests.
In 2008, the U.S. Department of Defense was breached when foreign agents at a military base in the Middle East managed to plant an infected flash drive. The drive was inserted into a U.S. military laptop, which uploaded a rogue code into U.S. Central Command’s network and transferred military intelligence to foreign servers. A year later, Chinese hackers hit Google and gained access to valuable data on American surveillance targets. According to the U.S. government, the data in question included court orders on Chinese operatives on U.S. soil.
Then in 2015, the Office of Personnel Management revealed that hackers breached its servers in March of the previous year, exposing the social security numbers, addresses, birthdates and names of nearly 21.5 million current and former government workers.
Finally, U.S. intelligence agencies agree Russian hackers tried to influence the 2016 presidential election. It’s confirmed that Russian operatives infiltrated the Democratic National Committee’s servers, as well as the personal emails of Clinton Campaign Chairman, John Podesta. Special Counsel Robert Mueller III is currently investigating Moscow’s depredations into our political system. Charges have already been filed, and more are likely to come.
Additionally, intelligence officials now believe Russia has already targeted the upcoming midterm elections this Fall. Director of National Intelligence Daniel Coats recently told elected leaders that the Russians are using fake social media accounts and online propaganda to inflame divisions within the American public. But Coats also said that “no single agency” in charge of combating Russian meddling.
In light of this trend, it’s not hard to see why a report from the organization Security Scorecard found U.S. government agencies ranked last in cybersecurity when compared to private organizations.
What Needs Doing
Any meaningful bolstering of our cyber defenses will be a massive undertaking, but not an impossible one.
On the political side, one available path is to allocate more funds to state and local governments, many of which simply lack the resources to improve the security in their computers and voting machines. According to a study conducted by the National Association of State Chief Information Officers and Deloitte, 80 percent of state chief of information officers in the survey reported a lack of funding as their biggest challenge in beefing up cyber security.
It would certainly be worthwhile for states, if not the federal government, to spend more money on a robust technological infrastructure. Not only would this minimize the likelihood of outdated voting machines being hacked, but it could also help prevent larger targets on the local level from being hit.
Consider large cities with computerized power grids and public transportation systems. These are prime targets for hackers looking to cause mayhem on a physical, tangible scale. Even new model cars with built-in computers and microchips are in danger of being hijacked via cyber warfare. Imagine if hackers targeted cars, trains, stock exchanges, and power grids in a city like New York. An entire metropolis could be brought to a standstill with a few clicks. Not only would such an event put people in physical danger, but the effect it could have on the U.S. economy is staggering.
Speaking of the economy, the global market is another front in the escalating theater of cyber warfare. In 2016 alone, cybercrime cost an estimated $450 billion to the global economy, according to a CNBC report. Thankfully, there are ways private businesses can bolster their own encryption techniques. Aside from improving IT protocols to address cyberattacks, investing a company’s human firewall could be a simple but effective solution. In an interview with CNBC, Steve Langan of the insurer Hiscox included the human factor as part of a four-step process companies can use to minimize cybersecurity risks.
“Thirdly, more importantly and where people actually forget to do this, is to build the human firewall in your business, so train your staff to recognize those suspect emails which are getting increasingly sophisticated and very difficult to distinguish,” Langan said in the interview.
Finally, the government and certain private entities might find it mutually beneficial to work together against digital terrorism. Specifically, a partnership between the U.S. and social media entities can go a long way to minimize the influence of foreign actors, namely Russia. Politico reported last year that Russian intelligence creates hundreds of fake profiles on websites like Twitter, Facebook, and other social media platforms. These profiles are used to influence the American public through micro-targeting, feeding voters tailored content in order to sway their choice at the ballot. As pointed out in the same story, the government sharing intelligence with these companies would help “identify the location of these social media bot factories and to determine which pretend Americans they have falsely created.”
The 21st Century has seen the exponential rise of digital technology, and with it, new forms of terrorism and theft. The U.S. has the chance to become a leader in this new front of modern warfare, both for the sake of our voting process and our economic well-being. If our country fails to take appropriate steps now, we will be left behind as the rest of the world safeguards itself.