By Steve Grobman
Finally, at long last, cybersecurity and cyberwarfare got the election-year attention they deserve in Monday’s debate. Whether the candidates’ remarks inspired confidence, however, is a debatable question in itself.
It’s become a cliché in corporate America to say cybersecurity has mushroomed from an IT worry to a boardroom priority. Now the same is true in government: cybersecurity has become a key leadership issue. The next president will be forced up a steep learning curve.
“Our institutions are under cyberattack, and our secrets are being stolen,” said debate moderator Lester Holt. “So my question is, who’s behind it? And how do we fight it?”
“We have to get very, very tough on cyber and cyber warfare,” responded Donald Trump. “The security aspect of cyber is very, very tough. And maybe it’s hardly doable.”
Hillary Clinton called out Russia’s Vladimir Putin. “Putin is playing a really tough, long game here,” she said. “We are not going to sit idly by and permit state actors to go after our information… And we’re going to have to make it clear that we don’t want to use the kinds of tools that we have. We don’t want to engage in a different kind of warfare.”
But it is not just major state actors laying siege to U.S. interests. It is an encyclopedia of governments, freelance proxies, hacktivists, crooks, and chaos agents. And the country, not to mention the next president, has no choice but to fight in cyberspace. It is a new sphere of unceasing conflict.
The lawless landscape, plus the probability of more, and more ruinous, attacks on U.S. interests, will pose an unprecedented leadership challenge for President Obama’s successor.
More cyberattacks are probable. Some future assaults will likely be designed to cause more public chaos. In the global underground economy run by, all the technology required to take a crippling shot at transit systems – or the energy grid, air traffic control, financial networks, health systems, even the food supply chain – is for sale. Modest villains can get their hands on high-quality cyber munitions. A successful attack on infrastructure would likely have obvious immediate fallout, with many citizens inconvenienced or even endangered.
No prior commander-in-chief has been put in this position.
We know enough about nuclear, chemical, and bio weapons to extrapolate detailed war scenarios. For them we have doctrines and even governing protocols. Cyber weapons are more difficult to manage: they evolve more rapidly, and we draw on far less real-world experience. If an enemy disables civilian targets using cyber, can the U.S. retaliate in like-for-like manner without escalating the conflict? Should it even try?
Amid public protest, a president might be tempted into rapid reprisal. But attribution is among the most complex aspects of cyber warfare. Digital forensic work can suggest a perpetrator, but not usually with certitude. A level-headed attacker naturally wants to implicate some other party, so false flags and red herrings often litter the attack scene. (This marks a profound difference from nuclear strategy or conventional terrorism, where proven techniques can source an incoming missile or trace a bomb’s origin.) We can imagine a bit player terror group seeking to pit nation-states against one another with cyber aggression that appears to come from those countries.
Pinpointing blame for a cyberattack takes a blend of cutting-edge digital forensics, traditional intelligence, ever-better defensive technologies, and including threat intelligence sharing. Conflict managers in the public sector will be wise to have all available resources collaborate on attribution and response design – while deflecting public clamor for quick revenge.
The U.S. and key allies hold regular cyber war games. Since 2010 NATO’s Cooperative Cyber Defense Centre of Excellence has run Locked Shields, an annual exercise in which the fictional Berylia comes under cyber fire, often from rival Crimsonia. But Locked Shields participants tend to be veteran security experts. The time has come to put political leaders in the thick of things too – because if and when a serious attack occurs, it is they who will make cyber policy on the fly. The experts will execute their orders.
One irony of cyber warfare is that cyber weapons in rational hands can be precise and efficient. Offensive cyber weapons can be programmed to focus on an intended target. In some ways, they are the ultimate precision ordnance – at least in theory. (Bugs or code errors could still send a weapon awry.)
All are points to ponder for any head of state entering unmapped territory where needed norms or precedents do not exist.
Odds are fair that the next president will lead the United States through a high-visibility cyber conflict – working with intelligence and private assets to limit damage, directing quick recovery, and considering a response that does not prompt unwanted escalation. The executive playbook should draw on recommendations from many sources, inside and outside of government. To respond to a catastrophic cyberattack, the president will have to sift everything – and make history in real time.
Steve Grobman is Chief Technology Officer, Intel Security, at Intel Corporation.