America is not prevailing in its ongoing conflict with hackers, cyberspies and online criminals, senior lawmakers and officials said Wednesday — and some believe the country is losing.
“I would say we’re losing,” said Rep. Michael McCaul, R-Texas, the chairman of the House Committee on Homeland Security. “We’re very good at offensive capability, not so good at defensive capability to defend both federal networks and the private sector.”
He spoke at a Council on Foreign Relations event in Washington, responding to a question from moderator and Bush administration homeland security official Stewart Baker.
“I think we’re not making nearly as much progress as we would like in this area,” added current White House Cybersecurity Coordinator Michael Daniel. “This is Pentagon speak for losing,” interrupted Baker, to laughs from the audience. “What can you say? I represent the administration,” Daniel responded.
Daniel said the trend line was very disturbing, “We’re watching our adversaries getting more and more sophisticated, not just in the tools they’re using but in their organizational structure. Many of these criminal organizations are now organized like a [consumer-facing] business” with malware developers offering a 24-hour technical support hotline, for instance.
As far as nation-state cyberattackers were concerned, Daniel agreed that U.S. adversaries are increasingly pursuing the use of cyberattacks as a tool of statecraft, and others on the panel raised the examples of the Sony pictures hack, which aimed to stop the release of a comedy lampooning North Korea’s hereditary dictator, and the Chinese denial of service attack against GitHub, the open source coding collaboration platform.
GitHub was attacked because it hosted content the Chinese government wanted to block. Unlike news media sites that Beijing routinely blocks in China through its national Internet barrier called the Great Firewall, access to GitHub is essential for China’s burgeoning tech sector.
According to researchers at the prestigious Citizen Lab, the GitHub attack used a novel capacity developed as an adjunct to the Great Firewall, called the Great Cannon, which essentially conscripted foreign visitors to Chinese websites into a denial of service assault, through the injection of malicious code.
“Certainly that’s an issue that we take very seriously and have raised with the Chinese government,” Daniel said of the GitHub attack.
Asked whether it was time for sanctions or other responses to such attacks from China, Daniel replied: “We need to expand the toolset that we have.”