The US Is Facing A Catastrophic Cyber Attack

Uploaded on 2020-03-31 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

The US Cyberspace Solarium Commission, a bipartisan body of lawmakers, intelligence officials and others, has claimed in its Report that the country faces multiple threats from cyber-criminals and nation states. In its new report the CSC has warned that the nation is “dangerously insecure in cyber,” and recommended a series of actions intended to avert damaging attacks on critical infrastructure and the financial system.

The US is facing a “catastrophic cyber-attack” which could create lasting damage exceeding that of the many serious fires, floods and hurricanes the country has had to endure, according to a new analysis from a federal commission.

The Report says that digital connectivity that has brought economic growth, technological dominance and an improved quality of life to nearly every American has also created a strategic dilemma.The more digital connections people make and data they exchange, the more opportunities adversaries have to destroy private lives, disrupt critical infrastructure and damage our economic and democratic institutions, the Report states.

The report notes that about 95 per cent of successful cyber-attacks are the fault of what he called “rookie mistakes that people making in configuring technology, or [poor] digital hygiene, not patching, retaining default passwords.”

Named after President Dwight Eisenhower’s 1953 Project Solarium on strategic challenges, the 182-page Report makes 75 recommendations across the public and private sector, while presenting several draft bills and proposing changes to government departments and the creation of a National Cyber Director.

“The United States now operates in a cyber-landscape that requires a level of data security, resilience and trustworthiness that neither the US government nor the private sector alone is currently equipped to provide... Moreover, shortfalls in agility, technical expertise and unity of effort, both within the US government and between the public and private sectors, are growing.”

To tackle these challenges, the commission advocated a “layered cyber-deterrence” approach designed to “shape behavior, deny benefits and impose costs.”

The first requires the US to work with allies to promote responsible behavior in cyberspace, the second, to work with the private sector to enhance security, and the third, to retain the capacity to retaliate against enemies in cyberspace.

The Reports strategy outlines three ways to achieve this end state:

  1. Shape behavior The United States must work with allies and partners to promote responsible behavior in cyberspace.
  2. Deny benefits The United States must deny benefits to adversaries who have long exploited cyberspace to their advantage, to American disadvantage, and at little cost to themselves.
    This new approach requires securing critical networks in collaboration with the private sector to promote national resilience and increase the security of the cyber ecosystem.
  3. Impose costs The United States must maintain the capability, capacity, and credibility needed to retaliate against actors who target America in and through cyberspace.

US Future

The report stated that neither the US government nor the private sector is prepared to meet today’s cyber threats and that existing shortfalls in preparedness are getting worse. Therefore, the status quo in cyberspace is unacceptable. The current state of affairs invites aggression and establishes a dangerous pattern of actors attacking the United States without fear of reprisal. Adversaries are increasing their cyber capabilities while US vulnerabilities continue to grow.

There is much that the US government can do to improve its defenses and reduce the risk of a significant attack, but it is clear that government action alone is not enough.

Lawfare:       Infosecurity Magazine:      Claims Journal:     IT World Canada

You Might Also Read:

Top Six Cyber Secure Countries:

A New Age of Warfare:

 

 

« Container Shipping Gets A Cyber Security Mandate
Artificial Intelligence, Automation, Training & Jobs »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

DataGuidance

DataGuidance

DataGuidance is a platform used by privacy professionals to monitor regulatory developments, mitigate risk and achieve global compliance.

Tresorit

Tresorit

Tresorit helps teams to collaborate securely and easily by protecting their data with end-to-end encryption.

WatchGuard

WatchGuard

WatchGuard is a leader in network security, secure Wi-Fi, and network intelligence products and services for SMBs and Enterprises worldwide.

CERT.br

CERT.br

The Brazilian national Computer Emergency Response Team

Cybersecurity Philippines CERT (CSP-CERT)

Cybersecurity Philippines CERT (CSP-CERT)

Cybersecurity Philippines CERT is the national Computer Emergency Response Team for the Philippines.

RevenueStream

RevenueStream

RevenueStream uses an innovative algorithmic approach to intercept and prevent payment fraud before it even happens.

Rogue Wave Software

Rogue Wave Software

At Rogue Wave, our mission is to simplify your hardest problems, improve software quality and security, and shorten the time it takes to deliver value.

Guardsquare

Guardsquare

GuardSquare is the global reference in mobile application protection. We develop premium software for the protection of mobile applications against reverse engineering and hacking.

Approach

Approach

Approach is a leading provider of cyber security consulting and secure application development services in Belgium.

DFI

DFI

DFI is a global leading provider of high-performance computing technology across multiple embedded industries.

Newtech Recycyling

Newtech Recycyling

Newtech Recycyling specializes in the removal and disposal of IT infrastructure which has reached the end of its life cycle.

Baker Donelson

Baker Donelson

Baker Donelson is a law firm with a team of more than 700 attorneys and advisors representing more than 30 practice areas including Data Protection, Privacy and Cybersecurity.

General Informatics

General Informatics

General Informatics is a team of technology enthusiasts with one mission: to make our clients even more successful through the best use of technology.

Jera IT

Jera IT

Jera IT provide fully managed IT support, cybersecurity services, telecoms systems, and IT strategy consultancy to businesses based in Aberdeen and the surrounding area.

Actelis Networks

Actelis Networks

Actelis Networks is a market leader in cyber-hardened, rapid deployment networking solutions for wide-area IoT applications.

Gcore

Gcore

Gcore is an international leader in public cloud and edge computing, content delivery, hosting, and security solutions.