We applaud the U.S. Federal government for doing what it can to deter cyberattackers but let’s be honest. The United States isn’t just starting to find ways to thwart hackers.
We’ve been at this for many years and to be blunt, suck at it.
The new Cyber Directorate will be responsible for defending against “threats to National Security Systems and the Defense Industrial Base,” the NSA said in announcing the new initiative.
NSA Director Paul Nakasone, who is expected to formally unveil the initiative later Tuesday, said the directorate will allow the agency to “redefine its cyber mission.”
“What I’m trying to get to in a space like cyberspace is speed, agility, and unity of effort,” Nakasone said in a statement released by the agency.
The directorate will be led by Anne Neuberger, who has previously served as the NSA’s first chief risk officer. Neuberger has also worked as the NSA’s deputy director of operations and the lead of the “Russia Small Group,” the NSA and U.S. Cyber Command task force created last year to thwart Russian cyber interference.
We don’t mean to make light of this initiative and perhaps using the word “joke” in our deadline is pushing it.
Let’s, however, be honest here – Russia, China, Iran, North Korea and other countries have hackers who are untouchable.
The Cyber Directorate is most likely going to focus on defense. Sure, the U.S. has amazing offensive tools but in reality, cybersecurity is PERPETUAL DEFENSE.
Think of the network of defense industrial base systems as an old house with a roof that is decades old. Now think of cyber attackers as hurricanes and tornados looking to get water through the roof. Eventually, Mother Nature and in this example, the hackers, get through.
The only deterrent and even this may not be enough is to identify the hackers and lock them up.
In August of 2016 we screamed as loud as we could to the Obama administration that we should not be giving Iran millions or billions of dollars if we don’t get the hackers who attacked the U.S. in return. (See photos of attacks at the top)
What is the point of indicting hackers if we don’t prosecute???
We made the point it is almost impossible to identify hackers – so when you can, you better get them behind bars.
We were the lone voice at the time.
This we believe, is the ONLY deterrent that has a shot at working.
Using U.S. political and financial clout to put hackers away sends a powerful message.
Unless the U.S. cybersecurity strategy shifts to jailing hackers, expect this new agency like all others, to be the equivalent of patching a failing roof, hoping the storm clouds don’t get too bad.