The United States is engaged in a quiet but potentially devastating intelligence, cyber and information war, with the greatest threats to national security coming from China, Russia, Iran and North Korea.
That was the topic of a webinar on “Confronting Current and Future Cybersecurity Threats,” hosted Wednesday by Arizona State University’s Center on the Future of War.
“As you think about what computers have evolved to these days, they've gotten so much more entwined in everything we do — whether it's the information on our computer desktop all the way out to the military's weapons,” said Rob Joyce, director of the U.S. National Security Agency’s cybersecurity directorate.
Part of the mission of the agency is to partner with allies, private industry and academics to strengthen awareness and collaboration, and advance the state of cybersecurity.
Joyce was joined by retired Lt. Gen. Robert Schmidle, professor of practice in the Center on the Future of War and School of Politics and Global Studies, and Daniel Rothenberg, a professor of practice in the School of Politics and Global Studies and co-director of the Center on the Future of War.
Rothenberg asked if a devastating and fundamentally destabilizing cyberattack is imminent and inevitable in American society.
“Yeah it is,” said Joyce, citing the 2021 ransomware attack on the Colonial Pipeline, which was caused by one compromised password that led to major fuel shortages.
“So, it is not unimaginable.”
Beyond government computers
A cyberattack on the U.S. government would be far-reaching, going beyond its official web of networks to thousands of partner companies, defense contractors, subcontractors and more.
According to Joyce, the ecosystem consists of 30,000 cleared companies that work as subcontractors and 300,000 companies that feed into the defense department. It is an enormous amount of tech surface that adversaries can get into in order to steal information, manipulate data and more.
“So we were frankly seeing a lot of stuff lost in that ecosystem,” Joyce said.
Joyce said that anything from civic governments to companies that are assaulted are a national security issue. Hospitals, schools and manufacturing plants are all driven and dependent on computers.
“Criminals understand that If you have something that people depend on, they can exploit it,” Joyce said.
Cyber solutions
The NSA’s Cybersecurity Collaboration Center works with industry partners to prevent and eliminate foreign cyber threats.
Joyce explained there are ongoing offensive and defensive efforts to comprehend and combat cyber threats — exploiting the enemy’s web system while at the same time trying to keep them out of U.S. networks.
Finding out the enemy's secrets puts the U.S. on the path to security, he said.
What do adversaries know or intend to do against those military communication systems? And what are the adversaries doing to get our classified communications? These are questions the NSA must ask, Joyce said.
“You know, it takes a thief to catch a thief,” Joyce said. “So when you work on both sides of this … you get a better appreciation for the practical things the adversary will do to win, and that's really what it's all about.”
Desktop defense
Schmidle asked what people could do to protect their personal computers from attacks.
Joyce said the number one thing to do is install updates as soon as they come out and have a solid password management system. Security that is breached on one site can be an entry point to all personal information.
“Criminals are going around, and they're rattling the doorknobs,” Joyce said.
“It's the equivalent of a criminal finding a car that's unlocked and just taking whatever they find inside. If you lock your car, you're safe.”
Joyce said that there is a real need to be vigilant in improving the technology but, “it is not going to be any one entity that solves the problem.”
It's not just regulation, or collaboration between government and private industry, or international coalitions or laws that are the answer, he said.
“But it's going to be a bit of all of that.”
Top photo courtesy iStock
More Law, journalism and politics
To secure our future, this ASU initiative is examining the past
The year was 1947, and the United States was adjusting to new realities after World War II. Jackie Robinson became the first African American player to join Major League Baseball, and President…
CBS News, ASU Howard Center partner on investigation into police 'moonlighting'
A new, investigative series by CBS News and the Howard Center for Investigative Journalism at Arizona State University reveals the stark reality of the practice of letting police officers work off-…
How ASU is leading the national conversation on journalism and AI
As artificial intelligence continues to advance at a rapid pace, journalism faces both unprecedented opportunity and profound responsibility.At Arizona State University, those challenges are being…