It’s time we got serious about defending the country against cyberwarfare.
The nature of warfare inevitably evolves, and the best-defended and economically dominant countries of the world need to evolve with it. We didn’t see a problem beefing up our air force when aviation ruled the battlefield, and we’re still dealing with a nuclear stockpile meant to deter our enemies from attacking us with these enormously destructive weapons. So why are we so far behind on defending ourselves from a cyberattack?
The future of war is digital, and if we’re going to survive the assault, we need to be ready.
What Cyberwarfare Could Look Like
Cyberwarfare is threatening for several reasons. For starters, even a large-scale, devastating attack could be launched by a single, motivated person. When you don’t need to get government approval, or mobilize an army of tens of thousands, the stakes become much higher and the threat becomes more immediate.
It’s also threatening because the stakes are higher than ever. Most of our daily lives, careers, habits, needs, and entertainment are tied to digital systems. Take out the wrong one and millions could be without access to the resources they need to survive.
On top of that, there are many different types of threats that the United States could face:
- Weaponized ransomware. Ransomware is one of the fastest-growing types of malware attacks, and it’s only going to become more popular in the future. The idea is simple; infect a computer or system, then prevent that system from being accessed unless the user pays a fee to the originator of the attack. On a small scale, this is an almost innocuous problem, but when ransomware attacks start hitting hospitals or government organizations, it could cut off important resources and/or cost us billions of dollars.
- IoT espionage. The Internet of Things (IoT) has enormous potential to change our lives, but it also multiplies the level of vulnerability faced by the average person. A single vulnerability is all it would take for an entire fleet of independent, high-tech devices to turn into spies for another country or a nefarious organization. The average person may not worry about his personal data, but a large-scale attack could be disastrous.
- DDoS attacks and outages. Think of the number of online services and digital interfaces you rely on to live your life. It’s how you pay your water bill, how you transfer money, and probably how you work and communicate with others. Defenses against distributed denial of service (DDoS) attacks are getting better, but the attacks themselves are getting stronger, thanks to the availability of billions of connected devices. One well-coordinated attack could cut off resources to millions.
- Bots and manipulation. Of course, let’s not forget the possibility of social media bots and other forms of manipulation of the American public. Setting aside the accusations of manipulation in the 2016 Presidential election, it’s easy to recognize that external powers are attempting to divide and stoke animosity within the American public. Intelligence organizations have been orchestrating discord and stoking the fires of revolution in other countries for years; now that we’re all accessing the same digital communication channels, it might only take a small push to influence a change in tide.
How We Need to Prepare
So what should we be doing to prepare?
- Better-trained cybersecurity experts. First, we need better, more thoroughly trained cybersecurity and microelectrics experts in the military and in national intelligence organizations. That means more familiar with the dominant technologies in the cybercriminal sphere, but also more flexible and better-rounded, so they can better respond to complex, innovative attacks. These experts should be high ranking not only in the public sector, but the private sector as well — where heavily relied-on systems are most vulnerable.
- More funding. We also need to dedicate more funding to developing our IT infrastructure, and provide grants to businesses in especially important or vulnerable positions — like hospitals and banks — to advance their own cyberdefenses. With so many high-profile organizations relying on tech from the 90s, this is imperative.
- Increased public awareness. Finally, we need more average individuals to be aware of the potential threat of a cyberattack. We need to start taking this seriously, protecting ourselves and our own devices, and putting more pressure on politicians to take action.
What’s Stopping Us?
What’s stopping us from taking these actions? There are several potential factors, but it mostly stems from complacency. We’ve never experienced a large-scale cyberattack on the United States, so it’s hard to perceive it as a real threat. But the time to act isn’t after an attack has already unfolded — it’s long before an attack has a chance to develop. That time is now.