US Has Devastating Cyber Weapons

Uploaded on 2018-09-28 in INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, NEWS-News Analysis

The White House took a first step this week to fulfill President Donald Trump’s campaign pledge to launch “crippling, crippling” cyber-attacks on adversaries to protect US computer systems, unveiling a new strategy that will allow the United States to take the offensive in cyberspace. 

But experts warn that the new cyber strategy risks exposing the United States to blowback and turning the Internet into a Wild West of hacking operations. 

In rolling out the administration’s new “National Cyber Strategy,” National Security Advisor John Bolton said that Trump had removed restrictions on the use of offensive cyber-operations and replaced them with a more permissive legal regime that gives the Defense Department and other agencies greater authority to penetrate foreign networks to deter hacks on US systems.

“Our hands are not tied as they were in the Obama administration,” Bolton said. Bolton described the new authority as part of an effort to “create powerful deterrence structures that persuade the adversary not to strike in the first place.” 

Decision-making for launching some attacks will be moved down the chain of command; previously, offensive cyber-operations generally required the approval of the president. Those envisioned in the new policy will include both offensive and defensive actions, only some of which may be made public, Bolton said. 

In a separate strategy document released recently, the Defense Department said it would “defend forward” US networks by disrupting “malicious cyber activity at its source.” The new policy comes amid intense scrutiny of the Trump administration’s efforts to deter foreign interference in the upcoming midterm elections. 

In 2016, Russian hackers affiliated with military and intelligence agencies hacked computers belonging to the Democratic Party, released stolen emails, and carried out a propaganda campaign to favor Trump’s chances. Trump, as a candidate, poured skepticism on Russian responsibility but argued the United States should “be better than anybody else” at “the cyber.”

But exactly how the Trump administration will use the newly unleashed offensive cyber-capability remains unclear, as the policy’s details remain classified. A spokesperson for the National Security Council declined to say at what point a US cyberattack would require presidential approval.

Bolstering the country’s ability to operate offensively in cyberspace makes sense, as long as these capabilities aren’t used in isolation, said Michael Daniel, the top cybersecurity advisor in the Obama administration.

“More frequent use of offensive cyber-capabilities only make sense as part of a broader, coordinated foreign-policy strategy involving multiple elements of national power,” Daniel said Michael Daniel.

“If the US government does decide to significantly increase its offensive cyber-actions, it should think those operations through carefully and clearly embed them in a larger strategy for dealing with the particular target,” added Daniel, who now runs the Cyber Threat Alliance, an industry group.

One big concern with offensive cyber-weapons is that they can cause collateral damage far beyond the original, intended target. 

In 2017, Russian operatives unleashed the NotPetya ransomware on the Ukrainian financial system, but the virulent worm spread around the world and caused billions of dollars in damage, shut down hospitals, and caused massive disruptions to global shipping and commerce.

Foreign Policy:

You Might Also Read: 

Trump Relaxes US Cyber Attack Rules:

Hackers Are Fighting A Surrogate Cold War:

 

« UK Builds 2,000-Strong Offensive Cyber Force
Major Facebook Breach: 50m Users Compromised »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Malta Information Technology Agency (MITA)

Malta Information Technology Agency (MITA)

MITA is the central driver of Government Information and Communications Technology (ICT) policy, programmes and initiatives in Malta.

(ISC)2

(ISC)2

(ISC)² is an international, nonprofit membership association for information security leaders. Our information security certifications are recognized as the global standard for excellence.

Taqnia Cyber

Taqnia Cyber

Taqnia Cyber specializes in the fields of cyber security, intelligence, operations, and training. It offers its services and consultations to both public and private sectors.

Tesorion

Tesorion

Tesorion is a fusion of different enterprises each with its own specialisation in the field of cybersecurity. We have combined these specialisations to create an integrated comprehensive solution.

Crypto4A Technologies

Crypto4A Technologies

Crypto4A quantum-ready cybersecurity solutions significantly improve protection for Cloud, loT, Blockchain, V2X, government and military application deployments.

CyberDegrees.org

CyberDegrees.org

CyberDegrees.org aims to provide top-notch information for students seeking Cyber Security education and career guidance.

Cyber Readiness Institute (CRI)

Cyber Readiness Institute (CRI)

At the Cyber Readiness Institute, our mission is simple: empower small and medium-sized enterprises with free tools and resources to help them become more secure and resilient.

Terra Quantum

Terra Quantum

Terra Quantum is a deep tech pioneer, developing revolutionary quantum applications to shape the technology of the future.

Delinea

Delinea

Delinea is a leading provider of cloud-ready privileged access management (PAM) solutions that empower cybersecurity for the modern, hybrid enterprise.

Blackrock Cyber

Blackrock Cyber

Blackrock Cyber consults on critical security decisions, oversees compliance for your payment initiatives, and details cyber security training for your entire organization and board reporting.

Think|Stack

Think|Stack

Think|Stack is a managed IT services company specializing in cloud and cybersecurity with human-centered design.

NetScout

NetScout

NetScout offers a powerful combination of service assurance, cybersecurity, and business intelligence solutions for today’s most demanding service provider, enterprise and government networks.

Strategic Technology Solutions (STS)

Strategic Technology Solutions (STS)

Strategic Technology Solutions specialize in providing Cybersecurity and Managed IT Services to the legal industry.

Supra ITS

Supra ITS

Supra ITS is a leading full-service technology partner offering IT Consulting, Cloud Services, 24x7 Managed IT & Cybersecurity Services, and IT Project Support.

Collabera Digital

Collabera Digital

Collabera Digital engineer the next generation of solutions that power tech-forward organizations and create an impact on people and communities.

Sayers

Sayers

Sayers is best known for its ability to solve business challenges with IT solutions. Our areas of expertise include cloud, storage, virtualization, security, mobility and networking.