Fight back, critics argue, as the U.S. government faces increasing cyber attacks, with rival nations as the most likely suspects. A passive approach by the U.S. government only emboldens perpetrators—draw a red line, they urge. Most recently, the massive Office of Personnel Management breach has inspired calls for a decisive response.
On the other side, some experts warn that retaliation, in any form, would be shortsighted, simplistic, and unrealistic, potentially undermining America’s interests. The rules of engagement, even informal guidelines, have yet to be written, they say.
The OPM, which handles security clearance for federal government employees, discovered in June that the agency had been hacked. The latest figures reveal that the records of 22 million workers were compromised.
Facing an unknown enemy
Those advocating hacking back say the OPM breach should have been the final straw. But where to strike? The Obama administration has not openly accused anyone—neither an individual or group of individuals, nor a government—of being behind the OPM cyber attack.
Robert Knake, former head of cybersecurity policy at the National Security Council, said those advocating for hacking back are overreacting.
“It’s bad. But it’s not devastating,” said Knake of the confidential data exposed by the breach. “The reason it’s not devastating is that we know about it.”
Speaking at a recent Atlantic Council panel debating the consequences of cyber revenge, Knake said identifying the breach offers the opportunity to mitigate the damage. Once armed with this knowledge, the government can use the hack to its advantage, he argued.
For example, in the event that a nation uses information gleaned from the breach to identify Americans involved in sensitive activities, Knake said the U.S. could respond with misdirection by changing personnel.
Cold-War spying had rules of engagement, but they have yet to be written for the new world of cyber attacks and cyber espionage.
Knake said the leaking of classified National Security Agency information by NSA contractor Edward Snowden changed the norms in cyberspace, making cyber spying an open secret. “We are in the post-Snowden period where the whole world knows the U.S. engages in this kind of [surveillance] activity,” said Knake. Despite vociferous protest from spied-upon allies, the U.S. did not shut down its programs, Knake pointed out. “We got through all those disclosures without … Angela Merkel or anyone else declaring that it was an act of war.”
Fighting cyber espionage requires a different skillset than defending against pre-Internet, traditional Cold War espionage, said Austin Berglas, former head of the FBI’s New York Cyber Branch. “Whatever country is trying to steal our state secrets or international property doesn’t have to have a physical body. They can do it from their own home. There is a cloak of anonymity that people can hide behind to deny the actions.”