Use The Military To Attack Hackers
Chris Krebs the former US cyber security chief of Cyber and Infrastructure Security Agency (CISA) has says the US military should hit cyber criminal gangs that hack organisations and governments. He has suggested that military cyber attackers could use ransomware to try to thwart gangsters by revealing personal information, a tactic known as doxing.
“You have to chase the bad guys, and I’m not just talking about law enforcement.” Krebs said in an interview with the Financial Times. "You actually place a title 10 employee - civilians employed by the military - Deploy intelligence features, like Cyber Command. You send them a message directly, saying, “We know who you are, we will either quit or come after you using information warfare.” You expose them. There is something you can do."
Krebs’ comments contradict the conventional way of thinking about establishing cybersecurity. Experts tend to warn businesses not to “hack” ransomware attackers. This is because it can be difficult to identify the enemies you are dealing with and their abilities.
To understand the challenge facing CISA and the rest of the government, it helps to understand the frustrating nature and enormity of the SolarWinds hack. Early reports focussed on agencies like the US Departments of Treasury and Commerce, but the hack was much broader than that and we still don’t know precisely which systems may have been compromised and what data may have been taken.
Digging out every possible compromise will take discretion and trust, the kind of qualities Krebs had been building up in his role and lost when he was abruptly shown the door. Krebs was fired from his role as the head of CISA following him publicly contesting Donald Trump's baseless claims of voter fraud in the election.
For almost a year hackers have used SolarWinds software to spy on governments and business in the US, and around the world.
The Verge: Business Insider: Financial Times: EMINETRA:
You Might Also Read: