Centralize Cybersecurity to Prevent a Digital Nuclear War

Centralize Cybersecurity to Prevent a Digital Nuclear War


“Changing a Continent” is a new column by journalist Kenneth R. Rosen that focuses on the transatlantic relationship between the United States and the future of Europe.

When Russia invaded Ukraine, my internet went dark. My home in northern Italy was disconnected from news, email, and any communication. Finally, news revealed that when a satellite serving the Ukrainian army was hacked, some 50,000 people across Europe also lost connectivity, including wind turbines in Germany. So the continent I call home started to change because of the conflict.

NATO stresses its concern over attacks beyond conventional warfare, and urges Russia to promote a “free, open and secure cyberspace.” Russian-backed hackers attacked state and commercial websites in Estonia in 2007 after a Soviet-era war memorial was removed from Tallinn. In 2008, during the Georgia conflict, most government websites and banks were offline during the 12-day war. Aside from cyberattacks on communications and control elements of the Ukrainian army in 2014 when Russia illegally annexed Crimea, Ukraine’s voting system was hacked and hard drives were fried. In 2015, Kyivoblenergo won the unwanted honor of one of the world’s leading power grid providers in a cyberattack. A quarter of a million people were left without electricity for several hours. In 2017, a series of attacks orchestrated through a virus known as NotPetya caused $ 10 billion in damage. It had first started as an attack on Ukrainian companies before globalization.

Europe, where all 27 members have tried to unify cybersecurity standards (think: Interpol, for the Internet), has made great strides in centralizing these efforts, including the exchange of intelligence, which has greatly benefited Ukraine) as the creation of the European Union. The Network and Information Security Agency (ENISA) and EU-wide mandates to improve companies’ security obligations, include vulnerabilities within their supply chains and allow individual national authorities the power to oversee these security adaptations and protocols. “ENISA’s authority status means the EU’s strategy to identify gaps in Member States’ cybersecurity capabilities and facilitate the overcoming of these gaps through operational support,” a RAND study found 2015. In addition, the European Cybercrime Center (EC3), set up by Europol in 2013, promoted the harmonization of the bloc.

The US can learn from EU transpositions into domestic policies and foreign engagement. Most importantly, however, the Biden administration can see how European countries have come together against seen and unseen threats because their actions are both a lesson and a lesson.

A NEW TYPE OF WAR

Physical warfare consists of bullets and ammunition. But digital and psychological warfare is on the rise all over the world, and this conflict can reach anywhere, to hurt both physically and economically.

The government must take into account the reality of its vulnerability as tensions abroad reach new heights. In addition, the government has its own security needs and concerns.

The global economy (and, by extension, the European domestic economy) remains intertwined, financially and physically. Submarine cables connect Europe to the United States, including financial institutions: easily separable cables, causing months of disconnection and causing chaos to banks, ATMs and fintech. While most experts and analysts might say this is unlikely (given satellite connectivity, which is still based on ground-based cables), few argue about the reality of an Internet cable. high speed submarine as a digital back door. He (and his fellow satellites) is a gateway through which cyberwarfare and warfare for which U.S. government institutions and offices are unprepared. Its presence, the connectivity it offers and in which countless industries have come to rely, is in itself a threat.

But it is a threat that the nation must live with and can if it is closely monitored. Unfortunately, protecting computer systems requires concerted protection and defense, which the private sector and government have not effectively coordinated. And this lack of coordination deprives the national economy of billions of dollars a year.

Only the U.S. government has numerous leaks and security below the standards in its agencies. And like those agencies that work on digital silos, separate from the general public, the private sector is separate but linked through programs like the government’s “E-Verify” employment program. The separate but separate relationship represents a devastating vulnerability for the national economy. In addition, the country does not have a centralized cybersecurity defense, despite the White House promoting efforts to make a more robust security apparatus. Until one is established, cyberattacks will continue to hamper businesses and cause a one-key economic upheaval (think: colonial channel ransomware attack).

The White House has for years called for stronger national digital protection. However, they have stagnated, partly for political reasons, but also out of greed: there is always money to be made for sure. As a result, the U.S. government is extremely vulnerable and unable to protect private industry, which should be one of its directives to allow the free movement of trade and commerce.

RECOGNITION OF VULNERABILITIES

Thanks to the work of the Securities and Exchange Commission (SEC) alongside banks and stock exchanges, there is a framework that allows a public company to instantly disseminate market news. The White House can use regulatory milestones such as the Clean Air Act or the creation of the Food and Drug Administration as a guide. And most computers use one of three operating systems: Linux, Windows, macOS, that is, a centralized security device is possible, especially when these companies (that is, a defense contractor) use the same payroll software. than your local pharmacy or veterinarian. Vulnerabilities cover industries.

Nationwide, the Transportation Safety Agency has sought new digital safety practices for pipes and railroads, and the Federal Communications Commission has cracked down on telecommunications companies. In addition, the SEC has insisted that investment advisers and funds double digital security. However, about 80 subcommittees and committees on Capitol Hill oversee different facets of cyber regulation, creating unnecessary stagnation.

The government must take into account the reality of its vulnerability as tensions abroad reach new heights. In addition, the government has its own security needs and concerns. Last year, an investigation by the Government Accountability Office revealed that 17 of the 23 civilian agencies did not meet the requirements after a 2014 federal law required agencies to offer information security programs. There was also a lack of specific initiatives for cybersecurity. “The federal government needs to move more urgently to improve the nation’s cybersecurity as the country faces serious and rapidly evolving threats,” the office said.

The threats inherent in economic stability and the growth of underserved communities that could be plundered play an inherent role in this story. When working at a slaughterhouse in West Texas, employees at the processing plant had no training in cybersecurity or personal digital security. These plants, such as JBS Foods, Tyson and Cargill, supply the country with most of their meat and poultry products. Last year, all JBS operations were shut down in a cyberattack. The case of JBS, the world’s largest meat producer, is just one example that underscores the breadth of impacts these attacks could have. Agricultural markets (and, by extension, rising food insecurity) are under threat. Pig prices rose and livestock futures fell after the attack.

LOOKING FOR DIGITAL CENTRALIZATION

It’s a matter of national security and global cooperation, as multinational companies operate overseas and connect directly to U.S.-based systems (think Citrix, Workaday, and fintech).

The occasional demand for cryptocurrency for the return of digital files or access to the computer system or the need for additional authentication requirements for users of complex and advanced systems linked to electrical or electrical networks have been addressed in the media. . What has not been covered is the biggest implication for national security. Often, these stories stimulate responses that see the problem as a private enterprise problem (upgrade your systems!) Or as something that is a person’s fault (train your employees to detect fishing emails!). However, these systems should already be protected and these emails should be protected. non-existent.

The Government Accountability Office should continue to pressure government agencies with unprotected digital infrastructure to do better. In addition, the Inspector General of the National Directorate of Protection and Programs of the Department of Homeland Security should seek to assist in the transformation of the current decentralized digital infrastructure to protect not only these agencies, but also public and private companies that in depend.

Until homogeneity is reached, global threats continue.

Kenneth R. Rosen is a freelance journalist based in Italy.





Source link

Related post

EDUCAUSE 2022: How Data Collection Can Improve Student and Faculty IT Support

EDUCAUSE 2022: How Data Collection Can Improve Student and…

At Indiana University, Gladdin said, to make life easier for students and faculty, they implemented a course template for the Canvas…
UGC, AICTE warn students against online PhD programmes offered by EdTech platforms | Latest News India

UGC, AICTE warn students against online PhD programmes offered…

The University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) on Friday issued a joint advisory against…
UGC, AICTE warn students against online PhD programmes offered by EdTech platforms | Latest News India

UGC, AICTE warn students against online PhD programmes offered…

The University Grants Commission (UGC) and the All India Council for Technical Education (AICTE) on Friday issued a joint advisory against…

Leave a Reply

Your email address will not be published.