Donald Trump Has A Plan for CyberWar

Uploaded on 2016-04-15 in NEWS-Cybersecurity News, INTELLIGENCE--USA, GOVERNMENT-National, FREE TO VIEW

In a meandering, 100-minute-long telephone interview with The New York Times last week, Donald Trump elaborated on some of the bold and belligerent foreign-policy prescriptions he’s hinted at in the past.

He touched on nuclear weapons, spying and the fight against ISIS, bringing his tried-and-true “we’re losing” doom and gloom to each topic. His proclamations of decline seem to be designed to support what he said outright on Twitter last week, after a bombing in Pakistan killed dozens and injured hundreds: “I alone can solve.”

When confronted with a question about cyberwarfare, Trump leaned on the same tactics, while displaying a profound unfamiliarity with the issue.
David Sanger, one of the two Times journalists interviewing Trump, asked the candidate if the US should use cyberweapons as an alternative to conventional weapons or nukes, and if so, how often.

Trump said he didn’t think cyberweapons are an alternative to nuclear weapons “in terms of ultimate power.” He tacked back to discussing nukes—“I will tell you, I would very much not want to be the first one to use them, that I can say”—until Sanger asked him again how he would use the US cyber-arsenal as president.

And that’s when the Trump kicked into full woe-is-us mode. Here’s his answer, in full:

First off, we’re so obsolete in cyber. We’re the ones that sort of were very much involved with the creation, but we’re so obsolete, we just seem to be toyed with by so many different countries, already. And we don’t know who’s doing what. We don’t know who’s got the power, who’s got that capability, some people say it’s China, some people say it’s Russia. But certainly cyber has to be a, you know, certainly cyber has to be in our thought process, very strongly in our thought process. Inconceivable that, inconceivable the power of cyber. But as you say, you can take out, you can take out, you can make countries nonfunctioning with a strong use of cyber. I don’t think we’re there. I don’t think we’re as advanced as other countries are, and I think you probably would agree with that. I don’t think we’re advanced, I think we’re going backwards in so many different ways. I think we’re going backwards with our military. I certainly don’t think we are, we move forward with cyber, but other countries are moving forward at a much more rapid pace. We are frankly not being led very well in terms of the protection of this country.

Trump appears to be making three points here: first, that the US is “obsolete in cyber”; second, that the US can’t even tell where attacks are coming from; and third, that “the power of cyber” is “inconceivable” and should figure “very strongly in our thought process.”

That latter point is hard to argue with. Cyberweapons are indeed mind-bending: Look no further than Stuxnet, a US and Israeli cyberattack that caused Iranian nuclear centrifuges to spin out of control and destroy themselves. It was a landmark moment for state-on-state cyberattacks.

But his first two points are, as far as conventional wisdom goes, far wide of the mark. The US is in fact believed to have the most powerful arsenal of cyberweapons of any country. Its specific capabilities are a closely guarded secret, but the government is likely hoarding knowledge of vulnerabilities and security flaws that it could use to inflict damage on other countries’ computer systems—sort of like a reserve of warheads ready to be deployed.

And while attributing cyberattacks to a country or an individual is indeed one of the more difficult aspects of cyberwarfare—far trickier than figuring out where a missile was fired from, for example—the US has gotten pretty good at it. Soon after Sony Pictures Entertainment became the victim of a massive hack in 2014, for example, US officials pointed fingers at North Korea. The government was able to come to that conclusion because it had been spying on North Korean networks since 2010, The New York Times reported.

More recently, the Justice Department has embarked on a name-and-shame campaign, bringing public charges against foreign state-sponsored hackers who attack US government and private sector computers. It began in 2014, when the department placed five members of China’s People’s Liberation Army on a list of most-wanted cybercriminals for stealing trade secrets. In the past two weeks, two Syrians and seven Iranians have been charged and added to the list.

When Trump bemoans an “outdated” the US cyber-arsenal, he might be thinking instead of the sorry state of America’s cyber-defenses. Its shortcomings were made incredibly clear by the Chinese attack on Office of Personnel Management servers in 2015, when hackers gained access to the private information of 22 million people. Numerous other attacks on government systems and email servers have proved the government’s difficulty keeping digital information safe.

Trump certainly isn’t the only presidential candidate without a meaningful cybersecurity and cyberwar platform. A Wired summary of the contenders’ positions showed that all of them have painted their positions in very broad strokes, if they’ve even taken one.

But whoever takes over the Oval Office in 2017 will be handed more than just the country’s nuclear codes. The next high-stakes raid may not involve an elite team of Navy Seals, but rather hinge on vulnerabilities in an enemy’s computer code—so presidential hopefuls had better start wrapping their head around the “inconceivable power of cyber.”

Ein News: http://bit.ly/1S4QdmZ

« UK Investigatory Powers Bill Will Cost £1bn To Implement
Were Brussels Terrorists Trying To Build 'dirty bomb' »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Prolinx

Prolinx

Prolinx provide secure Data Centre hosting services and other fully managed security services for networks and information systems.

Vanguard Integrity Professionals

Vanguard Integrity Professionals

Vanguard Integrity Professionals is an independent provider of enterprise security software solutions that address complex security and regulatory compliance challenges.

PFP Cybersecurity

PFP Cybersecurity

PFP provides a SaaS solution for life-cycle protection based on our IoT security platform and power usage analytics.

Ubisecure

Ubisecure

Ubisecure provide Identity & Access Management solutions.

Achtwerk

Achtwerk

Achtwerk manufacture the security appliance IRMA for critical infrastructures and networked automation in production plants.

United Nations Office on Drugs & Crime (UNODC)

United Nations Office on Drugs & Crime (UNODC)

UNODC promotes long-term and sustainable capacity building in the fight against cybercrime through supporting national structures and action.

Munich Re

Munich Re

Munich Re is a leading global provider of reinsurance, primary insurance and insurance-related risk solutions including Cyber.

SafeTech Informatics & Consulting

SafeTech Informatics & Consulting

Safetech's OTShield detects, prevents and analyses cyber-attacks in SCADA and Industrial IoT systems by utilising state of the art deception techniques.

StartupXseed Ventures

StartupXseed Ventures

StartupXseed Ventures is a smart capital provider for Deep Tech, B2B, Early Stage Startups. We support, NextGen Tech Entrepreneurs, who have potential to deliver the outsized growth.

eaziSecurity

eaziSecurity

eaziSecurity has built an eco-system of technology and services that bring enterprise scale security solutions to the SME marketplace.

Resilience Cyber insurance

Resilience Cyber insurance

Resilience helps to improve cyber resilience by connecting cyber insurance coverage with advanced cybersecurity visibility and a shared plan to reinforce great cyber hygiene.

Cura Technology

Cura Technology

Cura Technology offers a wide array of security solutions meticulously designed to address specific facets of your security requirements.

PriorityZero

PriorityZero

PriorityZero is a European company focused on remote security assessments and consulting services that operates on a global scale.

Ciena

Ciena

Ciena is a global leader in optical and routing systems, services, and automation software. We build the world’s most adaptive networks to address ever-increasing digital demands.

Click Studios

Click Studios

Click Studios is an Agile software development company specialising in the development of a secure Enterprise Password Management solution called Passwordstate.

RySec

RySec

RySec specialize in affordable cybersecurity solutions designed to protect your business from today’s ever-evolving threats.