Photo illustration by John Lyman

Tech

/

Tackling Russia’s Other Undeclared War

Recent Russian cyberattacks have exposed critical flaws in U.S. cybersecurity infrastructure that Washington has failed to adequately address.

Late last year, Killnet, a pro-Russia hacker group, launched a cyberattack that knocked several U.S. airport websites offline. Killnet then subsequently invited hackers through Telegram to target other vulnerable airport websites using a DDoS attack. Combatting Russian hacking must become a priority for U.S. national security.

Russian-affiliated groups have conducted a consistent stream of large- and small-scale attacks in recent years. Foreign hackers in the employ of Moscow, Pyeongyang, and Beijing, have endangered the sensitive information of millions of Americans and cost companies massive amounts of money through ransomware attacks. These cyberattacks include the 2015 hack of the Office of Personnel Management, the hack of the DNC and the Clinton campaign prior to the presidential election, and the SolarWinds cyberattack in 2020.

The U.S. needs to focus on better information-sharing and coordination between the public and private sectors to improve detection and response capabilities. The U.S. needs to focus on the growth of the cybersecurity workforce. Finally, the U.S. needs to focus on implementing existing cybersecurity legislation, including offering federal incentives and providing oversight to ensure proper execution throughout the private sector.

Better information-sharing and coordination will result from following necessary protocols to protect national security interests. One key step would be convening the Cyber Safety Review Board that was established by President Biden’s Executive Order 14028. It would evaluate cybersecurity incidents at all levels and make recommendations for improvements, such as better encryption methods or multi-factor authentication processes. This multi-agency effort for information-sharing and collaboration needs to take place quickly in order to prevent further Russian cyberattacks.

The Biden administration needs to grow the cybersecurity workforce. It must promote a uniform training standard that enables the mobility of cybersecurity professionals. It should also support a robust system for rewarding talent. These steps, sustained over time, will attract highly specialized and experienced private sector professionals to employ their skills for the government’s benefit.

Greater oversight and collaboration with private entities would also close several gaps in the current federal cyber infrastructure. The government needs to incentivize the implementation of the National Initiative for Cybersecurity Education (NICE) framework to train both new and current employees. This initiative would allow for the creation of uniform employment standards and training procedures for cybersecurity professionals across all sectors, and subsequently increase mobility between public and private roles. The training should be conducted at the federal level and offer certification that is recognized and respected by both private and public sector employers. These incentives should also extend to providing adequate reports of identified incidents and vulnerabilities with recommendations for improvement.

Critics worry about the security risks of increasing private sector involvement. This concern is not new, and the government has already developed several services such as the Enhanced Cybersecurity Services (ECS) and Automated Indicator Sharing programs to address it. These programs serve to prevent malevolent actors from accessing information shared with private entities and inform the relevant authorities of malicious action attempts. In essence, the priority for the intelligence community is improving cybersecurity infrastructure. That means combatting the risks of including the private sector in the process.

The best way for the United States to respond to Russian-directed cyberattacks is through greater collaboration between the private and public sectors. Bringing them together will reinvigorate U.S. cybersecurity infrastructure and defenses. Better information-sharing and coordination between the public and private sectors will improve detection and response capabilities. This united effort will save money, defend our values, and keep the American people safe.