​DoJ, security experts warn of increasing overseas cyberattacks

Reuters / David McNew

Reuters / David McNew

The United States must ramp up its ability to defer and defeat cyberattacks, security experts and federal prosecutors agree, as foreign hackers target American networks with increasing scope and sophistication.

With security breaches
being suffered by US-based corporations on a regular basis,
panelists at a summit in Washington, DC this week sounded an
alarm for firms to adopt aggressive yet defensive cyber policies
– lest they want to risk becoming this year’s Target, Home Depot
or, most unfortunately, Sony Pictures Entertainment.

At the International Conference on Cyber Engagement at Georgetown
University, two of the federal government’s top attorneys urged
private businesses to forge relationships with law enforcement in
order to minimize in advance their response to a hypothetical –
but increasingly possible – cyberattack.

READ MORE: Pentagon drafting thousands of ‘cyber
forces’ in prep for cyber emergency

John Carlin, the assistant attorney general for the US Department
of Justice’s national security division, echoed a strategy for
dealing with cyberattacks laid out in a report released by the
Pentagon last week, which advocated for, among other objectives,
making such assaults too costly to wage.

“A private company that has internet-connected computers
cannot keep a dedicated nation state out of its systems,”

Carlin said, so the government must do “everything we can to
increase the costs for the bad guy so that they know there is
going to be a consequence.”

In the wake of last year’s Sony hack, attributed by the US to
North Korea, Carlin’s co-panelist, Assistant Attorney General
Leslie Caldwell of the DoJ’s criminal division, said that
prosecutors are widening their net with regards to pursuing
foreign suspects.

Caldwell said that cybercrime is currently the top priority for
the Justice Dept., but stressed that it’s an issue that far
exceeds other illegal activity when it comes down to how the
players are dispersed. In nearly every cyber case she’s worked,
Caldwell said, an international component has complicated matters
for US investigators. Federal prosecutors are nevertheless
touting last year’s indictments against alleged hackers with
China’s People’s Liberation Army, among other catches, as being a
symbol of the DoJ’s growing willingness to prosecute abroad.

Threats against US
networks are increasingly becoming issues of national security,
the feds agreed, with the hack suffered by Sony being the best
example as of late. They also admitted that not enough American
companies are taking preventative measures to avoid becoming the
next victims, however, and urged companies to embrace security
before it risks becoming an afterthought.

“You need to have a point-of-contact in law enforcement
before you’re hacked,”
Caldwell said, “… to know what
you’re supposed to do.”

“You should definitely have a relationship” with
authorities, she added. “The FBI and Secret Service have
agents all around the country who have a lot of expertise in this
area.”

Caldwell and Carlin also both advocated for corporations to share
cyberthreat information with the federal government – an item up
for discussion in the US Congress as recently as last week. At a
panel later in the afternoon, security experts agreed that firms
must work with the feds as attacks become harder to counter.

Tom Kellerman, the chief cybersecurity officer for the firm Trend
Micro, added that 44 percent of respondents in a recent poll
taken among critical infrastructure industries said that they had
fallen victim to a Sony-like attack, and the reason is because
dangerous malware has become easier to get than ever.

Like the DoJ panelists before him, Shawn Henry, the president of
CrowdStrike Services and a former FBI cyber agent, said that
corporations and governments must work together in order to best
fend off attacks that might otherwise be out of scope for either.

READ MORE: CISA’s sibling: House passes new cyber
threat-sharing bill

In the physical realm, Henry said, governments abide by an ethos
of “Anything at any cost to protect the citizens.”
Digitally speaking, though, “it’s not happening,” he
said. Malicious code on par with what the alleged North Korean
actors used against Sony may be on every corporate network, Henry
said, but it’s not being stopped by the government. Rather, it’s
being purchased by crooks on the deep web and used again and
again on unsuspecting, unprepared companies while governments
watch idly.

“They don’t have the capability, authority or capacity to do
it in today’s environment for a lot of reasons,”
Henry said
of the governments’ response.

According to Kellerman, “the only way the internet is going
to be sustainable in the next 20 years”
is if Silicon Valley
embraces cybersecurity, and not just by “investing in cyber
security start-ups.”

Last week, the Dept. of Defense released its first official
cyberstrategy report in five years, the contents of which
advocated for waging offensive operations against foreign
adversaries to disrupt and deter their ability to target American
networks. Meanwhile, lawmakers in the House voted 307-116 last
week favor of the Protecting Cyber Networks Act, advancing a bill
that expanded legal liability protections for corporations if
they choose to voluntarily share certain kinds of digital data
with the government.

Leave a comment