American cybersecurity is more fractured than it appears, with state and federal authorities carrying out their own responsibilities while private companies must also work on their own infrastructure.

“We know that other nation states — China, Russia, Iran, and North Korea — are chasing us in the cyber realm,” Jamil Jaffer, founder and executive director of the National Security Institute, told Fox News. George Mason University Law School. Digital.

“We generally expect the government to defend itself against these kinds of attacks. If a Russian bomber looms on the horizon, nobody says, ‘Hey, you know, Walmart or Target, why didn’t you no surface-to-air missiles on the roof of your building, are you defending against this russian bomber bear? »

“Of course, we don’t expect that [in cybersecurity]”, he continued. “We expect Walmart, Target, JPMorgan, a small family business in the middle of the country, to defend themselves against any cyberattack, whether it’s someone in their sub Chinese or Russian soil or nation-state. nation-state.”

FROM PHISHING SCAMS TO PROPAGANDA: HOW RUSSIA AND ROGUE NATIONS USE CYBER CAPABILITIES AGAINST THE US

In this photo illustration a warning message in Ukrainian, Russian and Polish is displayed on a smartphone screen and background in Ukraine on January 14, 2022.

In this photo illustration a warning message in Ukrainian, Russian and Polish is displayed on a smartphone screen and background in Ukraine on January 14, 2022.
(Photo Illustration by Pavlo Gonchar/SOPA Images/LightRocket via Getty Images)

This reverse relationship exists largely because the private sector owns and operates Internet access in the United States, even though it has become an important factor in warfare. In the months leading up to the Russian invasion of Ukraine, military experts told Fox News that digital cyberattacks would serve as a major indicator that an invasion was about to occur.

In describing what a Chinese invasion of Taiwan would look like, experts have consistently cited a cyberattack as a leading indicator that Beijing will act.

SINGER BILLIE EILISH DOXXED BY CRIME APP: HOW TO AVOID THE SAME FATE

Yet the United States has its cybersecurity divided into three parts: the federal government, operating through the Cybersecurity and Infrastructure Security Agency (CISA) under the Department of Homeland Security; state-level governments; and private companies.

“Generally, cybersecurity policy has been pretty forward-thinking and pretty bipartisan,” Jaffer told Fox News Digital. “It varies from member to member of Congress, but at the end of the day…we rely on them to get the right incentives.

A hand on a keyboard is seen with a binary code displayed on a laptop screen in this illustration photo taken in Krakow, Poland, August 17, 2021.

A hand on a keyboard is seen with a binary code displayed on a laptop screen in this illustration photo taken in Krakow, Poland, August 17, 2021.
(Jakub Porzycki/NurPhoto via Getty Images)

“We need to give them better incentives and not penalize the industry with excessive regulation or excessive prosecution and liability,” Jaffer explained. “I think it will probably make us less cyber-safe.”

In a recent study, Proxyrack, a proxy provider website, polled each state to determine which were most at risk of cyberattacks, based on the number of cybercrime victims per 100,000 people. Nevada, Iowa, Alaska, Delaware, Florida, Maryland, Colorado, Washington, Arizona and California rank among the 10 most vulnerable, according to the survey, showing little consistency in the region, political inclination, or other factors aside from simple investment in cybersecurity.

ARE YOUR OWN DEVICES INADVERTENTLY SPYING ON YOU?

Phishing (email scams), vishing (telephone scams), smishing (text message scams) and pharming, which aims to direct Internet traffic to fraudulent websites, classified as the most common crimes, responsible for a just under 324,000 victims in 2021. Another 82,500 people fell victim to non-payment scams, and around 52,000 others suffered personal data breaches.

California alone is said to have lost $1.23 billion to cybercrime and scams, with Texas, New York and Florida each losing more than half a billion dollars for these same crimes in the same year.

A Homeland Security vehicle at the end of the day in Lower Manhattan on October 5, 2016.

A Homeland Security vehicle at the end of the day in Lower Manhattan on October 5, 2016.
(Stock)

“Although there is a Federal Department of Energy and a Federal Energy Regulatory Commission, we generally think of electricity, water and the like as a state responsibility,” Jaffer noted. “I think you’ll see states doing a lot more in this space and working with their people and also on emergency response. If something goes wrong, just like you would in a hurricane or an earthquake earth or other natural disaster.

“States come first, the feds come in later. And that’s probably where you’ll probably see states play a role in cyberspace,” he said.

BEST PASSWORD MANAGERS RATED BY EXPERTS OF 2023

Jaffer pointed out that private and state operators only work with part of the picture since the federal government tightly controls threat information from foreign actors such as Russia, China, Iran and North Korea. Countries like Iran and North Korea have dramatically improved their own cyber literacy over the past decade.

North Korea, in particular, has improved its capabilities and focused on scams and other cyber operations that would allow it to acquire as much wealth as possible to circumvent sanctions.

The federal government has assumed its role as a facilitator and supporter rather than a leader in these spaces. CISA regularly examines the requirements and weaknesses of various industries and states to help them strengthen and improve their infrastructures.

“The primary role of the federal government, including through CISA, within the Department of Homeland Security, within that homeland security role, is to provide state and local governments and private businesses services, advice, information to help them secure their networks, help them understand the threats, help them prioritize the risks,” Eric Goldstein, CISA’s executive deputy director for cybersecurity, told Fox News Digital. .

Joseph A. Blount Jr., president and CEO of Colonial Pipeline, testifies during a Senate Homeland Security and Governmental Affairs Committee hearing on the Colonial Pipeline cyberattack on Capitol Hill, June 8, 2021, in Washington, D.C.

Joseph A. Blount Jr., president and CEO of Colonial Pipeline, testifies during a Senate Homeland Security and Governmental Affairs Committee hearing on the Colonial Pipeline cyberattack on Capitol Hill, June 8, 2021, in Washington, D.C.
(Graeme Jennings/Pool/Getty Images)

“We provide newsletters, we share information and so our role is really to support the operators of these critical systems whether they are state government or private sector,” he added. .

Goldstein acknowledged that this burden of responsibility on state governments can lead to “great diversity among governments, especially local governments, depending on their level of resources or cybersecurity maturity.” But there are resources that can enable states and local governments to achieve a “common baseline, including CISA’s recently released cybersecurity performance goals.”

CISA aims to “help close those gaps and raise the bar to achieve a higher baseline and greater consistency of practice across the country,” he said.

CLICK HERE TO GET THE FOX NEWS APP

Whether the various pieces at work in America’s cybersecurity apparatus can achieve this efficiency and literacy remains to be seen, but CISA is trying to help bring “all sectors to work together around cyber threats at all times.”

“I think it’s widely recognized at this point that every network is at risk and no single organization can defend their networks alone, so we need to collaborate across all levels of government and with the private sector if we are to be successful. “, said Goldstein.

Source link

Leave A Reply