Re-Thinking the U.S. Government’s Approach to Cybersecurity

Are the “cybersecurity” tools used by the CIA and NSA causing harm to U.S. businesses and citizens? An analysis of the WikiLeaks materials, and recent hacker activity, suggests the answer may be yes.

This month, it was revealed that at least 40 cyber attacks on organizations in 16 countries were conducted with top-secret hacking tools, according to security researcher Symantic Corporation. While not formally blaming the CIA, Symmantic said it connected these attacks to the CIA hacking tools obtained by WikiLeaks, and that the targets were government entities or had some national security value.

The CIA efforts, however, do not appear to be limited to foreign targets. Cisco Systems, whose Internet switches direct electronic traffic, has also reported that the CIA exploited flaws allowing eavesdropping across 300 different Cisco products.

Even worse, in 2016, a global hacker group, The Shadow Brokers, released (at no cost) a “treasure trove of purported NSA hacking tool,” which can be freely used by hackers to target individuals and corporations around the world. According to Reuters, the NSA used these tools to gain access to the SWIFT banking system, used by 11,000 banks in 200 countries, illustrating the obvious usefulness of these tools to malicious hackers.

Departing NSA Deputy Director Rick Ledgett confirmed that as much as 90 percent of all federal spending on cyber programs is dedicated to offensive efforts. This lopsided prioritization not only leaves little funding for “cyberdefense,” but has also created a cache of “weapons” to target anyone, anywhere, and apparently, to be used by clearly malicious hackers. As Mr. Ledgett remarked, the government is trying to address this, recognizing the increasing need for both defense and information assurance programs.