US gears up to get tough on cyber attackers

Assistant US Attorney-General for National Security John C. Demers speaking at a news conference on the indictment of seven agents belonging to Russia's GRU military intelligence agency. The indictment was part of a joint crackdown with Western allie
Assistant US Attorney-General for National Security John C. Demers speaking at a news conference on the indictment of seven agents belonging to Russia's GRU military intelligence agency. The indictment was part of a joint crackdown with Western allies on a series of major hacking plots attributed to Moscow.PHOTO: AGENCE FRANCE-PRESSE

Pentagon may take offensive measures, support Nato allies

WASHINGTON • After years of ceaseless attacks from state-sponsored hackers, the United States is toughening its stance in the cyberfight against Russia, China and other nations.

Critics have long charged that the US' response has fallen woefully short as adversaries targeted its national security networks, government agencies and voting systems.

But under a series of new measures, US officials are touting a more muscular approach - including a greater willingness to launch offensive cyber operations.

President Donald Trump recently revoked his predecessor Barack Obama's rules requiring high-level authority for big military cyber operations, and National Security Adviser John Bolton warned that any country conducting cyber attacks could face an offensive response.

Then on Thursday, Defence Secretary James Mattis said the US is making its cyber capabilities available to North Atlantic Treaty Organisation (Nato), warning Moscow that it must "pay the piper" after the Netherlands revealed an alleged plot by Russia's GRU military intelligence agency to hack the Organisation for the Prohibition of Chemical Weapons.

Coincidentally, the US on Thursday indicted seven GRU agents as part of a joint crackdown with Western allies on a series of major hacking plots attributed to Moscow.

THE RIGHT DEFENCE

Nato needs to ensure it has the requisite tools, capabilities and strategies in place to match the current threat environment.

FRANK CILLUFFO, director of the McCrary Institute for Critical Infrastructure Protection and Cyber Systems.

Mr Mattis said an international response to hacking attacks would not necessarily be a tit-for-tat cyber offensive, but told Moscow it would "have to be held to account".

Rand Corporation intel and cyber expert Cortney Weinbaum told Agence France-Presse that in today's modern threat environment, kinetic weapons alone are no longer sufficient.

She said she interpreted Mr Mattis' comments "as meaning that the US will offer all of our warfare capabilities, which now include cyber, to defend Nato alliance members". "This pledge will hopefully have a deterrent effect to prevent such a scenario from occurring," she added.

Other experts also approved of the move.

"Nato needs to ensure it has the requisite tools, capabilities and strategies in place to match the current threat environment," said Mr Frank Cilluffo, director of the McCrary Institute for Critical Infrastructure Protection and Cyber Systems at Auburn University.

Still, the Pentagon is playing catch-up as it bolsters its capabilities, having for years under-invested in talent that all too often is swiped up by the well-paying private sector.

"A great deal of the department's cyber-readiness issues revolve around the shortage of skilled cyber-capable personnel," Senator Mike Rounds, who heads a Senate cyber security sub-committee, said last week. "The current recruitment, pay, retention and career pathway structures in place are not equipped to manage this problem."

Last month, the Pentagon released a revamped cyber strategy that states that it will conduct cyberspace operations to collect intelligence and prepare military cyber capabilities to be used in the event of crisis or conflict. The report blasted Russia and China for what it called their continued interference.

According to a report in Bloomberg News on Thursday, tiny chips inserted in US computer equipment manufactured in China were used as part of a vast effort by Beijing to steal US technology secrets.

The chips, each the size of a grain of rice, were reportedly used on equipment made for Amazon, which first alerted the US authorities, as well as Apple, and possibly for other companies and government agencies, including the military.

AGENCE FRANCE-PRESSE

A version of this article appeared in the print edition of The Straits Times on October 06, 2018, with the headline 'US gears up to get tough on cyber attackers'. Print Edition | Subscribe