US Has Devastating Cyber Weapons

Uploaded on 2018-09-28 in INTELLIGENCE--USA, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, NEWS-Cybersecurity News

The White House took a first step this week to fulfill President Donald Trump’s campaign pledge to launch “crippling, crippling” cyber-attacks on adversaries to protect US computer systems, unveiling a new strategy that will allow the United States to take the offensive in cyberspace. 

But experts warn that the new cyber strategy risks exposing the United States to blowback and turning the Internet into a Wild West of hacking operations. 

In rolling out the administration’s new “National Cyber Strategy,” National Security Advisor John Bolton said that Trump had removed restrictions on the use of offensive cyber-operations and replaced them with a more permissive legal regime that gives the Defense Department and other agencies greater authority to penetrate foreign networks to deter hacks on US systems.

“Our hands are not tied as they were in the Obama administration,” Bolton said. Bolton described the new authority as part of an effort to “create powerful deterrence structures that persuade the adversary not to strike in the first place.” 

Decision-making for launching some attacks will be moved down the chain of command; previously, offensive cyber-operations generally required the approval of the president. Those envisioned in the new policy will include both offensive and defensive actions, only some of which may be made public, Bolton said. 

In a separate strategy document released recently, the Defense Department said it would “defend forward” US networks by disrupting “malicious cyber activity at its source.” The new policy comes amid intense scrutiny of the Trump administration’s efforts to deter foreign interference in the upcoming midterm elections. 

In 2016, Russian hackers affiliated with military and intelligence agencies hacked computers belonging to the Democratic Party, released stolen emails, and carried out a propaganda campaign to favor Trump’s chances. Trump, as a candidate, poured skepticism on Russian responsibility but argued the United States should “be better than anybody else” at “the cyber.”

But exactly how the Trump administration will use the newly unleashed offensive cyber-capability remains unclear, as the policy’s details remain classified. A spokesperson for the National Security Council declined to say at what point a US cyberattack would require presidential approval.

Bolstering the country’s ability to operate offensively in cyberspace makes sense, as long as these capabilities aren’t used in isolation, said Michael Daniel, the top cybersecurity advisor in the Obama administration.

“More frequent use of offensive cyber-capabilities only make sense as part of a broader, coordinated foreign-policy strategy involving multiple elements of national power,” Daniel said Michael Daniel.

“If the US government does decide to significantly increase its offensive cyber-actions, it should think those operations through carefully and clearly embed them in a larger strategy for dealing with the particular target,” added Daniel, who now runs the Cyber Threat Alliance, an industry group.

One big concern with offensive cyber-weapons is that they can cause collateral damage far beyond the original, intended target. 

In 2017, Russian operatives unleashed the NotPetya ransomware on the Ukrainian financial system, but the virulent worm spread around the world and caused billions of dollars in damage, shut down hospitals, and caused massive disruptions to global shipping and commerce.

Foreign Policy:

You Might Also Read: 

Trump Relaxes US Cyber Attack Rules:

Hackers Are Fighting A Surrogate Cold War:

 

« UK Builds 2,000-Strong Offensive Cyber Force
Major Facebook Breach: 50m Users Compromised »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Kore Telematics

Kore Telematics

Kore is a leading managed service provider for IoT and M2M applications.

Network Integrity Systems

Network Integrity Systems

Network Integrity Systems is a leader in network infrastructure security and offers solutions specifically developed for Government and Private Enterprise.

NTOP

NTOP

NTOP develop high-quality network traffic analysis and DDoS protection software used by small individuals as well by large telecom operators.

Privacy Analytics

Privacy Analytics

Privacy Analytics enables healthcare organizations to unleash the value of sensitive data for secondary purposes without compromising personal health information.

CyberForce Program - US Department of Energy

CyberForce Program - US Department of Energy

The Department of Energy’s (DOE) CyberForce Program is a workforce development program that seeks to inspire and develop the next generation of cyber defenders for the energy sector.

LuJam Cyber

LuJam Cyber

LuJam Cyber is a cybersecurity company that provides protection to SME Networks.

PureCyber

PureCyber

PureCyber (formerly Wolfberry Cyber) is an award-winning cyber security consultancy whose goal it is to make cyber security accessible, understandable, and affordable for any organisation.

ANSI National Accreditation Board (ANAB)

ANSI National Accreditation Board (ANAB)

ANAB is the largest accreditation body in North America. The directory of members provides details of organisations offering certification services for cybersecurity related standards.

Stratejm

Stratejm

Stratejm, a Next Generation Managed Security Services Provider, brings innovation and thought leadership to the fight against cyber criminals.

Cyber Gate Defense (CyberGate)

Cyber Gate Defense (CyberGate)

CyberGate is an Emirati establishment founded with an objective to provide cyber security services that would improve the overarching cyber security posture of the UAE.

Single Point of Contact

Single Point of Contact

Single Point of Contact is a Managed IT Services provider that helps businesses to achieve a seamless and secure IT environment.

Bastion Technologies

Bastion Technologies

All your cyber defense. One platform. Keep your business assets and employees safe under one roof. Manage your cyber defense quickly, easily & efficiently.

ZENDATA

ZENDATA

ZENDATA are an innovative provider of intelligent, tailored cybersecurity solutions to global companies and public sector institutions.

Convergint

Convergint

Convergint is a service-based systems integrator working alongside a global network of partners and manufacturers to deliver a range of solutions including cybersecurity.

Applaudo

Applaudo

Applaudo specializes in helping the world’s most admired brands optimize their IT solutions, reduce delivery costs, and accelerate their digital transformation.

Prequel

Prequel

Prequel is your real-time problem detection and resolution platform, powered by the global reliability community.