
Cyber Scene #75 -

Cyber Security: Past, Present and Future

As the New Year begins, many issues about cyber failures or successes in 2022, the status of cybersecurity now, and glimpses of the probable future are well-timed for Cyber Scene consideration. This is a more strategic than tactical view which ideally may inform this readership in reviewing your own role as 2023 arrives.

Capitol Hill has led the way, finally establishing this linkage from past, present and future in passing the $1.7 trillion "spending bill," officially the 2023 Omnibus Appropriations Bill, just under the deadline that would have shut down the U.S. Government. This governmental accomplishment offers a holiday gift of progress in balancing Congressional "pork barrel" issues with national cyber security domestic and international issues with global impact. Cyber was in the shadows of Ukrainian President Zelensky's in-person address to the joint House and Senate audience on the eve of the Senate vote. Capitol Hill found support for both their constituency and more strategic and overarching issues, with the Senate voting 68-29 on 22 December, and the House 212-205 on 23 December.

Cyber security has indirectly influenced the hoisting of a unifying flag. While hackers have occasionally executed politically intended harm, those seeking ill-begotten money are not so discriminating. Everyone is at risk.

Foreign Affairs' Amy Zegart examines "Open Secrets: Ukraine and the Next Intelligence Revolution," which bridges the gap between the past analysis of Russia's failings in the invasion of Ukraine and the future impact of new technology. She notes that there has been a return to Marxism-Leninism, but the tech world is, well, in another world. Digital connectivity, she maintains, is "upending the world," and notes that Artificial Intelligence (AI) is likely to eliminate 40% of jobs globally in 25 years. President Putin himself said: "...whoever leads in AI development will become the ruler of the world." Zegart goes on to note that new technologies are driving renewed war in Europe, terrorist attacks, and cyberattacks and will determine "...who will be able to understand and chart the future."

A corollary of sorts to Zegart's concerns is The Economist's 30 November study of Russia's cyberwar on Ukraine, which assessed the following: "The most important reason for that was Ukraine's defence." Lindy Cameron, head of Britain's National Cyber Security Centre (NCSC), reckons Russia's onslaught was "probably the most sustained and intensive cyber-campaign on record." But as Sir Jeremy Fleming, her boss at Government Communications Headquarters (GCHQ), Britain's signals-intelligence agency, observed in an essay for The Economist in August, Ukraine's response was "arguably...the most effective defensive cyber-activity in history." Ukraine was ready and had a contingency plan in place. The report goes on to cite NATO's top intelligence official, David Cattler, comparing Russia's use of malware against Ukraine as more destructive "than the rest of the world's cyber-powers combined typically in a given year." The article concludes by saying that, like the Allied decryption of the Enigma machine, "the ultimate impact of cyber-operations in Ukraine may remain obscure for years."

However, some 2022 success is coming to light now, according to both the Washington Post of 22 December 2022 and The Hill on 12 December 2022.

The Post's Ellen Nakashima reports on routine use of offensive cyber operations very recently by the U.S. Cyber Command (CYBERCOM). Unlike the many years that passed before the decryption of the WWII Enigma was publicly revealed, Nakashima now cites the takedown of a Russian troll farm's digital platform to prevent hacking into the U.S. 2018 midterm elections. In 2020, CYBERCOM also engaged in thwarting the Iranian Islamic Revolutionary Guard Corps (IRGC), which projected sending threatening emails to U.S. voters. In 2022, CYBERCOM's Cyber National Mission Force (CNMF) has been involved in addressing infrastructure interference. General Paul Nakasone, Commander of CYBERCOM and the National Security Agency (NSA), noted that they followed a "...'campaign plan' to deprive the hackers of their tools and networks." The Post continues, describing "hunting forward" and international collaboration in exchanging digital warning indicators.

The Hill's journalist, Ines Kagubare, addresses "persistent engagement" from the perspective of international collaboration. Not only Ukraine, but other Eastern European countries as well as close allies such as the U.K. pooled their success in countering destructive cyberattacks from Russia or at least "mitigating their impact." The article cites several occasions where "hunt forward" teams sent operators to countries near Ukraine and Russia to help cyber defenses and networks against threats. Kagubare interviews cyber experts from academia and tech firms who explain why they want to deconstruct malware before it spreads. She also confirms General Nakasone's comments on offensive cyber operations to support Ukraine but does not discuss details. However, she does refer to an interview with the UK's Sky News where Nakasone refers to "...the full spectrum: offensive, offensive and information operations." She closes by including a commentary by James Turgal, Vice President of the cyber company Optiv, who states: "Russia is still waging a very active cyber war against Ukraine and others; we're just collectively defending better."

But beyond Ukraine, the cyberwar continues, sotto voce. The Economist on 12 December considers Sino-American business relations as "frosty" on both sides of the Pacific, well, like an increasingly less-submerged iceberg. Inside the Washington Beltway, U.S. regulators are active in the U.S. Commerce Department: it had added 36 Chinese companies to its "entity list," meaning that business with them is "near-impossible." A Congressional bipartisan group suggested banning TikTok; it has 100 million U.S. clients, and a bipartisan group of U.S. senators introduced a bill to list Huawei and other Chinese telecoms on Treasury's "specially designated nationals" list. Being "special" is not a good thing. It would close these Chinese companies' access to U.S. banks, freezing them "...out of the global financial system." While these initiatives are further evidence of bipartisanship in the U.S., they do not endear the U.S. to China, nor vice versa. Interestingly, President Trump and President Biden, in a retro-bipartisan surprise of sorts, have both been keen to blacklist Huawei. Biden has added China's most advanced memory-chip maker to the list. The article closes by stating "Make no mistake: technological decoupling between the world's two biggest economies is proceeding apace." A version of this article also appeared in The Economist's "The World Ahead 2023," a 146-page compendium of what one might expect for this new year. Despite the progress across the U.S. cybersecurity world, Andy Greenberg from Wired reports on 18 December that cyberattacks have not ceased: Chinese hackers are still at it.

Lastly, the first-ever National Cyber Security Director, John "Chris" Inglis, has announced his resignation from the position that was newly created upon the arrival of the Biden Administration in 2021. According to the CNN announcement, Inglis has requested that his deputy step in upon his departure, seemingly ad interim, to further develop the 70-strong staff that Inglis has created during his term, as he started with a confirmation and title alone. The exact timing has not been released.

Given the circumstances, it would seem that U.S. cybersecurity operations, defensive, offensive, and forward-looking, have made progress despite issues with tech taking a hit and globalism taking a big step backward. It will be most interesting to take stock of this state of cyber, domestic, and foreign, next year as we look back on 2023.