The term ‘cyberspace’ was coined by William Gibson in his 1989 novel Neuromancer; he defined it as a system comprising “Unthinkable complexity. Lines of light ranged in the non-space of the mind, clusters and constellations of data”. This ‘unthinkable complexity’ challenges US defence and security policy in multiple ways. These challenges include the cyber domain’s “reach, speed, anonymous nature, and offence-dominated conflict”. Of course, cyberspace has enabled prosperity and increased innovation, but along with it have come rapidly expanding threats and vulnerabilities, which intersect with all dimensions of American society.
In cyberspace the US faces a panoply of threats, from organised cybercrime and ransomware attacks to state-sponsored economic espionage and state-led attacks on health care, financial services, and manufacturing. All this comes at great economic cost. The Centre for Strategic and International Studies (CSIS) estimates that $600 billion a year is lost from the global economy due to cybercrime. This cost will only increase as the ‘Internet of Things’ expands. As John P. Carlin states in his book Dawn of the Code War: “we’re living online in a straw house – that even as the wolf approaches the door, we’re continuing to cram ever more stuff into”. Hence, if the US is to stand any chance of ‘winning’ the Code War, this “requires both building a stronger house (defence) and chasing away the wolf (offence)”.
The proximity of the ‘wolf’ to the US’s front door has been brought into sharp relief by the SolarWinds hacks; Hafnium’s exploitation of Microsoft Exchange Servers; and further attacks on critical national infrastructure, such as the Colonial Pipeline. The SolarWinds hack involved a Russian Advanced Persistent Threat (APT) group inserting malicious code into an update of SolarWinds Orion software. This was dutifully downloaded by over 18,000 organisations, including various US government departments. Sen. Mitt Romney went so far as to say that this “hack is like Russian bombers have been repeatedly flying undetected over our country”. Hence, the US is facing up to hard questions regarding deterring, detecting, disrupting and responding to cyber intrusions. Such questions are even more pertinent given that cyber espionage against US government networks is also up 168 percent in year-over-year data breaches. The current bout of attacks thus represents a few high-profile facets of a complex threat landscape.
In light of these breaches, President Biden issued a statement saying cybersecurity will be a top priority for his administration: “We will elevate cybersecurity as an imperative across the government… and expand our investment… to defend against malicious cyber-attacks”. He also emphasised that “defence isn’t enough; we need to…[prevent] our adversaries from undertaking… cyber-attacks”. To back up these statements, the president has ring-fenced about $10bn in funding in his Covid-19 relief plan to improve the US government’s cybersecurity efforts. The majority of funding will go to the Cybersecurity and Infrastructure Security Agency (CISA) and the General Services Administration (GSA). It will cover the cost of new cybersecurity services and promote better security monitoring and incident response. This increase in highly targeted funding is certainly a good start for the administration.
Despite the fighting talk, much of Mr. Biden’s cybersecurity stance merely carries on where President Trump left off. Mr. Trump gave US Cyber Command far greater targeting authority, giving the military a freer hand to conduct offensive cyber operations. It is estimated that Cyber Command has conducted more operations in the last two years than it has in any previous years. US Cyber Command has therefore been operating a “defend forward” position to pursue adversaries. This increasingly aggressive stance will remain a key strategy for chasing away the ‘wolf’ and preventing future SolarWinds and Colonial Pipeline-style attacks.
However, unlike Mr. Trump’s, Mr. Biden’s cybersecurity policy will be less skewed towards cyber offence; he will also be proactive in seeking out international cooperation on cybersecurity, helping to make allies more willing to work with the US and uniting the West against prime cyber threats – China and Russia. An increase in cooperation will be welcome as it enables joint attribution of attacks, and highlights willingness in the international community to call out those who break cyber norms. Yet, given that Federal statistics note only 3 in every 1,000 cybercrimes are prosecuted, indicting hackers should be just one technique in the administration’s toolkit against cyber-attacks. Mr. Biden’s openness to an all-tools approach which employs military, intelligence, diplomacy, legal, information, finance and economic resources is vital for the US to remain one step ahead of malign actors.
In addition, to facilitate cooperation, Biden aims to put together a cyber ‘dream team’. Firstly, he has appointed Alejandro Mayorkas as Secretary of Homeland Security. As former Deputy Secretary of Homeland Security, Mr. Mayorkas took a close interest in cyberthreat-sharing programs and was involved in negotiating a US-China agreement which attempted to forbid cyber theft of intellectual property. With Mr. Mayorkas now leading Homeland Security, the Biden administration will use more diplomatic means in dealing with nation-state cyberthreats, thus complementing the offensive capabilities of Cyber Command.
Another significant pick of Biden’s is Anne Neuberger, who previously led the National Security Agency’s Cybersecurity Directorate and has been selected as Deputy National Security Advisor for cyber and emerging technologies. Ms. Neuberger will lead the response to the Russian SolarWinds and Chinese Hafnium attacks, coordinating action with compromised agencies via the Cyber Unified Coordination Group (UCG). Mr. Biden’s appointments are strong evidence that he is taking cybersecurity seriously. However, even with these experienced figures heading up his cyber response, the investigation into these attacks will take many more months, with the full extent of the data breaches likely to remain opaque.
In conclusion, President Biden has proclaimed that “America is back”, and in the realm of cybersecurity he also wishes America to take the lead. Mr. Biden has built his cyber stance on improving the security of critical infrastructure and on taking on aspects of Mr. Trump’s cyber legacy by being more aggressive in dealing with cyber adversaries. Yet, in accordance with Mr. Biden’s goal of ‘normalcy’, he is placing additional focus on working together, through military cooperation with allies and strengthening civilian cyber defences to deter hackers. Ergo, it seems that cyber is high on the agenda for Mr. Biden, but tackling the complex challenges it presents will continue to be an uphill struggle for the administration.