Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Five Ways Government Can Help Businesses Fight Nation-State Attacks

    By
    Robert Lemos
    -
    September 5, 2018
    Share
    Facebook
    Twitter
    Linkedin
      Government-Business Cyber Assistance

      Over the past six months, a relatively unsophisticated group of attackers used a variety of remote access Trojans to attempt to grab banking details from companies—a scheme reminiscent of tactics used by cyber-criminals. 

      Yet, these attacks also targeted a number of Russian, Spanish and U.S. government agencies and were more likely the work of nation-state operators, according to an analysis published by network security firm Palo Alto Networks. 

      Unlike many nation-state attacks, the group was not connected to Russia, China, Iran or North Korea, but to the developing cyber capability in Pakistan, just one of an increasing number of nations developing their cyber capabilities. Pakistan has joined more than 30 nations who now have cyber-attack capabilities, according to the United States’ annual threat assessment published in February. 

      “The risk is growing that some adversaries will conduct cyberattacks—such as data deletion or localized and temporary disruptions of critical infrastructure—against the United States in a crisis short of war,” Daniel R. Coats, the U.S. Director of National Intelligence, stated in the report. “Ransomware and malware attacks have spread globally, disrupting global shipping and production lines of U.S. companies.” 

      As the number of nation-state actors increase, U.S. businesses—a favored target of nation-state and cyber-criminal hackers—will continue to be under threat. Unfortunately, even a cyber capability modestly funded by a smaller nation is usually too persistent for most companies to repulse on a regular basis. Larger nation-states will outclass any private-sector opponent, experts say. 

      “The most dangerous opponents are nation-states,” James Lewis, senior fellow at the Center for Strategic and International Studies, told eWEEK. “They are big, they are rich, and they don’t really care about the law. No company is going to be able take them on, and that is where companies can reasonably say to the government that your job is to protect me—and we are not there yet.” 

      So far damages are mounting. In a report released this year, the U.S. Council of Economic Advisors estimated that malicious cyber-activity cost the U.S. economy between $57 billion and $109 billion in 2016. In 2017, the double whammy of the  q pidemics likely mean that damages rocketed even higher. 

      For companies looking to the government to help, however, the wait may be long. A variety of issues still hobble government efforts to aid private-sector firms: from over-classification to concerns over targeting the right adversary. But here are five ways that cyber-security experts hope the U.S. government will help businesses. 

      1. Sanctions can help, but are not the only way 

      In 2015, the Obama administration threatened sanctions against China unless the country stopped economic attacks on U.S. private companies. The resulting agreement between China and the United States only blocks the nations from hacking each other’s industry for economic gain. Espionage is still fair game. While attacks may have declined, there is no solid evidence that Chinese operational activity has declined, said Christopher Porter, chief intelligence strategist of cyber-security company FireEye,

      stated in a policy analysis

      . 

      “There is no evidence that such measures have improved cyber-security for the United States,” Porter stated. “Chinese operations continued apace after the 2014 indictment of hackers associated with the Chinese military and decreased only after diplomatic efforts became serious.” 

      A lack of fear of repercussions has made hacking between countries the status quo. Most other countries have operations that hack with relative impunity, because they don’t fear retribution. The U.S. government will have to take quick, decisive action to cause economic pain to the countries who hack U.S.-based businesses, CSIS’s Lewis said. 

      “If we are not willing to do something back, then the bad guys will never stop,” Lewis said. 

      2. U.S. should reconsider what constitutes critical infrastructure 

      Both the U.S. government and companies need to determine which private-sector systems are critical and should be protected by the weight of the federal government. The U.S. Department of Homeland Security lists 16 critical infrastructure sectors, but vulnerable industries are still not on the list. 

      Prior to the 2016 presidential election, for example, election systems were considered to solely be the responsibilities of the states, but now efforts are underway to have them designated as critical infrastructure. In January 2017, the U.S. Department of Homeland Security clarified that it now considered election infrastructure to be critical. 

      “Recent history has shown that the U.S. government is not as good at picking which industries to protect as threat actors are at finding strategically valuable soft targets to hit,” FireEye’s Porter said. “And today’s institutions, however well-staffed, well-equipped and well-led, have not focused on the right problems.” 

      3. Make more information available to U.S. firms 

      While some information sharing and analysis centers (ISACs) do well at providing members with information about the latest threats, timely threat information continues to be scarce. 

      Firms are wary about sharing information with competitors and of the liability inherent in admitting that they may have been breached. Furthermore, when government agencies receive information, it is often a one way street. Information about attacks tends to be classified and often only provided to industry after companies that could have made best use of the data have been breached by cyber-attacks. 

      “At a minimum, the director of national intelligence should consider requiring intelligence agencies to provide Secret-level briefings of major findings and technical indicators for all cyber-related finished intelligence that is published,” FireEye’s Porter wrote. “This would greatly widen the circle of outside experts, private companies, and cleared academics that could benefit from reporting.” 

      However, CSIS’s Lewis argued that companies should only participate if they are able to use the data. 

      “A small company that gets information is probably not going to be able to do something with it,” he said. “So, in that case, we need managed services.” 

      4. Increase attackers’ pain 

      To dissuade nation-state groups from attacking companies, federal agencies should find ways to make attacking businesses more painful. Indictments and sanctions do not do enough to dissuade the attackers, said CSIS’s Lewis 

      “We have to think of what are more extreme measures that would increase the pain for these guys,” Lewis said. “Part of it is that the previous administration was unwilling to take action and so there was a general perception among our state opponents that the U.S. would never do anything back.” 

      FireEye’s Porter argued that giving more responsibility to military commanders and intelligence directors to conduct cyber operations could help make the U.S. response more agile. 

      “The U.S. and its allies must push more authority to the commanders of cyber-forces so that they have freedom to act to the degree required to keep citizens safe from ongoing and imminent cyber operations, he said. “President Trump’s decision to revisit PPD 20 and take off some of those handcuffs is a necessary first step.” 

      5. Create international norms for cyber operations 

      Lewis contributes to a group of internet experts aiming to set standards of behavior among actors in cyberspace. Called the Global Commission on the Stability of Cyberspace, the group is working with the United Nations and other group to establish normative rules on how countries should act. 

      “Norms help set behavioral standards,” he said. “You have to say here are norms that everyone has agreed to, and your behavior deviated from those norms, and so that justifies some kind of punitive action, whether it’s public censure or sanctions or something else.” 

      While companies—especially large enterprises—have the technical resources and capabilities to defend against most threats, the government can help head off the well-funded nation-state actors, Lewis said. 

      “Getting new defensive technologies out there—the private sector does that quite well,” he said. “The government can help bring everyone up to the same level, through standards, and help dissuade the threats though norms and other actions.”

      Robert Lemos
      Robert Lemos is an award-winning freelance journalist who has covered information security, cybercrime and technology's impact on society for almost two decades. A former research engineer, he's written for Ars Technica, CNET, eWEEK, MIT Technology Review, Threatpost and ZDNet. He won the prestigious Sigma Delta Chi award from the Society of Professional Journalists in 2003 for his coverage of the Blaster worm and its impact, and the SANS Institute's Top Cybersecurity Journalists in 2010 and 2014.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×