Donald Trump Has A Plan for CyberWar

Uploaded on 2016-04-15 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

In a meandering, 100-minute-long telephone interview with The New York Times last week, Donald Trump elaborated on some of the bold and belligerent foreign-policy prescriptions he’s hinted at in the past.

He touched on nuclear weapons, spying and the fight against ISIS, bringing his tried-and-true “we’re losing” doom and gloom to each topic. His proclamations of decline seem to be designed to support what he said outright on Twitter last week, after a bombing in Pakistan killed dozens and injured hundreds: “I alone can solve.”

When confronted with a question about cyberwarfare, Trump leaned on the same tactics, while displaying a profound unfamiliarity with the issue.
David Sanger, one of the two Times journalists interviewing Trump, asked the candidate if the US should use cyberweapons as an alternative to conventional weapons or nukes, and if so, how often.

Trump said he didn’t think cyberweapons are an alternative to nuclear weapons “in terms of ultimate power.” He tacked back to discussing nukes—“I will tell you, I would very much not want to be the first one to use them, that I can say”—until Sanger asked him again how he would use the US cyber-arsenal as president.

And that’s when the Trump kicked into full woe-is-us mode. Here’s his answer, in full:

First off, we’re so obsolete in cyber. We’re the ones that sort of were very much involved with the creation, but we’re so obsolete, we just seem to be toyed with by so many different countries, already. And we don’t know who’s doing what. We don’t know who’s got the power, who’s got that capability, some people say it’s China, some people say it’s Russia. But certainly cyber has to be a, you know, certainly cyber has to be in our thought process, very strongly in our thought process. Inconceivable that, inconceivable the power of cyber. But as you say, you can take out, you can take out, you can make countries nonfunctioning with a strong use of cyber. I don’t think we’re there. I don’t think we’re as advanced as other countries are, and I think you probably would agree with that. I don’t think we’re advanced, I think we’re going backwards in so many different ways. I think we’re going backwards with our military. I certainly don’t think we are, we move forward with cyber, but other countries are moving forward at a much more rapid pace. We are frankly not being led very well in terms of the protection of this country.

Trump appears to be making three points here: first, that the US is “obsolete in cyber”; second, that the US can’t even tell where attacks are coming from; and third, that “the power of cyber” is “inconceivable” and should figure “very strongly in our thought process.”

That latter point is hard to argue with. Cyberweapons are indeed mind-bending: Look no further than Stuxnet, a US and Israeli cyberattack that caused Iranian nuclear centrifuges to spin out of control and destroy themselves. It was a landmark moment for state-on-state cyberattacks.

But his first two points are, as far as conventional wisdom goes, far wide of the mark. The US is in fact believed to have the most powerful arsenal of cyberweapons of any country. Its specific capabilities are a closely guarded secret, but the government is likely hoarding knowledge of vulnerabilities and security flaws that it could use to inflict damage on other countries’ computer systems—sort of like a reserve of warheads ready to be deployed.

And while attributing cyberattacks to a country or an individual is indeed one of the more difficult aspects of cyberwarfare—far trickier than figuring out where a missile was fired from, for example—the US has gotten pretty good at it. Soon after Sony Pictures Entertainment became the victim of a massive hack in 2014, for example, US officials pointed fingers at North Korea. The government was able to come to that conclusion because it had been spying on North Korean networks since 2010, The New York Times reported.

More recently, the Justice Department has embarked on a name-and-shame campaign, bringing public charges against foreign state-sponsored hackers who attack US government and private sector computers. It began in 2014, when the department placed five members of China’s People’s Liberation Army on a list of most-wanted cybercriminals for stealing trade secrets. In the past two weeks, two Syrians and seven Iranians have been charged and added to the list.

When Trump bemoans an “outdated” the US cyber-arsenal, he might be thinking instead of the sorry state of America’s cyber-defenses. Its shortcomings were made incredibly clear by the Chinese attack on Office of Personnel Management servers in 2015, when hackers gained access to the private information of 22 million people. Numerous other attacks on government systems and email servers have proved the government’s difficulty keeping digital information safe.

Trump certainly isn’t the only presidential candidate without a meaningful cybersecurity and cyberwar platform. A Wired summary of the contenders’ positions showed that all of them have painted their positions in very broad strokes, if they’ve even taken one.

But whoever takes over the Oval Office in 2017 will be handed more than just the country’s nuclear codes. The next high-stakes raid may not involve an elite team of Navy Seals, but rather hinge on vulnerabilities in an enemy’s computer code—so presidential hopefuls had better start wrapping their head around the “inconceivable power of cyber.”

Ein News: http://bit.ly/1S4QdmZ

« UK Investigatory Powers Bill Will Cost £1bn To Implement
Were Brussels Terrorists Trying To Build 'dirty bomb' »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CERT-MU

CERT-MU

CERT-MU is the Mauritian National Computer Security Incident Response Team.

OIC-CERT

OIC-CERT

OIC-CERT is the Computer Emergency Response Team for Organisation of Islamic Cooperation (OIC) member countries.

Uniscon

Uniscon

Uniscon is a leading provider of cloud security solutions in Europe.

Rwanda Information Society Authority (RISA)

Rwanda Information Society Authority (RISA)

RISA is at the forefront of all ICT project implementation, research, infrastructure and innovation within the ICT sector in Rwanda.

NextVision

NextVision

NextVision is a Cybersecurity and Technology company offering a range of solutions and services for Security, Compliance and IT Infrastructure Management.

Crosser

Crosser

The Crosser Platform enables real-time processing of streaming or batch data for Industrial IoT, Data Transformation, Analytics, Automation and Integration.

GlobalPass

GlobalPass

Covering 200+ countries with 78 000 databases, GlobalPass provides sophisticated facial biometrics verification and deep screening, delivering peace of mind to every client.

Coretelligent

Coretelligent

Coretelligent is a leading providers of Managed and Co-Managed IT, cybersecurity and private cloud services.

Polygraph

Polygraph

Polygraph monitors the activities of click fraud gangs, including how they operate, who they target, the techniques they use, and how to detect their fraud.

Federal Bureau of Investigation (FBI) - USA

Federal Bureau of Investigation (FBI) - USA

The mission of the FBI is to protect and defend against intelligence threats, uphold and enforce criminal laws, and provide criminal justice services.

CDS

CDS

CDS is a strategic change agency enabling organisations and businesses to create and build better services to meet the evolving needs of customers, employees and citizens.

U2opia Technology

U2opia Technology

U2opia is a consortium with a proven track record of delivering groundbreaking technology, cybersecurity, and innovative business solutions.

Disecto Technologies

Disecto Technologies

At Disecto, we provide SaaS based Data Discovery, Classification and a remediation solution for data privacy compliance.

JustunSecure

JustunSecure

JustunSecure is dedicated to promoting information technology and cybersecurity in Africa.

Qryptonic

Qryptonic

Qryptonic pioneers next-generation cybersecurity by leveraging the unparalleled capabilities of quantum computing to defend against evolving threats.

Cyvore Security

Cyvore Security

Cyvore combines cutting-edge AI, machine learning, and behavioral analytics to detect, investigate, and neutralize threats before they compromise your organization.