In recent blogs, I have been voicing my indignation that the republican led U.S. congress along with the FBI have squandered months of work hours and millions of taxpayer dollars in the pursuit of uncovering any wrong doing against the former Secretary of State, Hillary Clinton while avoiding their primary duty to act to protect government entities and its citizens from cyber warfare. Within less than three years, the following entities have been victims of cyber attacks by foreign adversaries: U.S. government divisions like the state department, DOD, the White House, Office of Personnel Management, Joint Staff email system that affected 4,000 government employees; organizations like the Democratic National Convention; infrastructure like the (New York) Bowman Avenue Dam; businesses like Sony Pictures and Target, as well as the millions of consumers.
The response to these alarming events have been largely met with legislative inaction and media not highlighting this VERY REAL NATIONAL SECURITY RISK.
This is despite the Director of National Intelligence, James Clapper warning before congress in March 2013, that cyber threats could lead to widespread vulnerabilities in civilian infrastructures and U.S. government systems.
As per C/Net 3/12/2013, “stark testimony delivered today to Congress, Director of National Intelligence, James Clapper described a fast eroding economic and national security landscape that’s being rapidly penetrated by foreign agents infiltrating the nation’s computer networks. This was the first time Clapper has included cyberattacks in his yearly congressional report on security threats facing the nation – the Worldwide Threat Assessment of the U.S. Intelligence Community (PDF)— and they top the list.”
In 2012, NSA Director General Keith Alexander wrote to Senator McCain, “Critical infrastructure protection needs to be addressed in any cyber security legislation (It was not part of 2012 proposed laws and the president’s executive order.). The risk is simply too great considering the reality of our interconnected and interdependent world.” Other notable advocates include: The co-chairmen of the 9/11 Commission, Governor Thomas Kean and Congressman Lee Hamilton; Director of National Intelligence, James Clapper; Director of the FBI, Robert Mueller; former Homeland Security Secretary under President Bush, Michael Chertoff; former Director of National Intelligence Mike McConnell; former Deputy Secretary of Defense Paul Wolfowitz; and former White House cybersecurity and counterterrorism advisor Richard Clarke.
According to a January 2016 GAO report (Government Accountability Office report), the U.S. government’s intrusion detection and prevention program known as “Einstein” has limited ability to detect breaches of federal information systems and thus, is ineffective at combating hackers.
Meanwhile, according to a 2/12/13 Foreign Policy article, when President Obama recognized that the U.S. internet systems were too vulnerable to unfriendly penetration, he then designated U.S cyber security as a top national security concern: “It’s the broadband networks beneath us and the wireless signals around us, the local networks in our schools and hospitals and businesses, and the massive grids that power our nation. It’s the classified military and intelligence networks that keep us safe, and the World Wide Web that has made us more interconnected than at any time in human history. We must secure our cyberspace to ensure that we can continue to grow the nation’s economy and protect our way of life.”
“On February 12, 2013, President Obama signed Executive Order 13636, “Improving Critical Infrastructure Cybersecurity.” Read more about Executive Order 13636.“(Did not place focus on cyber security as a national security problem.)
On May 14, 2015 Karen Waddell of The Atlantic reported on the how the congress was still not seriously looking at these cyber security hacks as a matter of national security or as a foreign policy problem:
“After all these high profile cyber attack incidents, “the Senate Foreign Relations Committee added cybersecurity to the portfolio of one of its subpanels, which had its first hearing on 5/13/15, headed by Christopher Painter, Coordinator of cyber security. Yet only two members showed up: Colorado Republican Cory Gardner and Maryland Democrat Ben Cardin, chairman and ranking member of the Subcommittee on East Asia, the Pacific, and International Cybersecurity Policy, respectively. ”
“But the foreign policy angle hasn’t captured Congress’s imagination just yet. About an hour into the hearing, Cardin left for another committee meeting, leaving the chairman outnumbered by the panel of witnesses.”
“Mike Rogers, who was chairman of the House intelligence committee until he left Congress this January, says cyber security is the missing piece in U.S. defense policy. “This is the largest national security we face that we have no answer to,” Rogers said at an event at the Hudson Institute on Tuesday. “And candidly, we’re not winning.”
According to a NPR 2/13/15 report by Aarti Shahani, “Obama Calls For Better Response To Cybersecurity Threats,”President Obama signed an executive order that aims to stem attacks by hackers. The order encourages companies to share information about cyber threats with each other and the federal government. “(He was the headliner at a summit about the issue today at Stanford University.)
From 2013-2015, there have been numerous press releases detailing how President Obama has been asking congress to pass cybersecurity information sharing legislation that will allow the private sector and government to work together to fight against cybersecurity threats while protecting the private sector from law suits related to this sharing of crucial data and while still safeguarding people’s privacy, confidentiality and civil liberties.
On December 18, 2015, his requested “cybersecurity legislation” was inserted into a must- pass Omnibus bill at the 11th hour, which passed and was signed into law.
On 2/25/16 Alex Harris of “Global Risks Insights” wrote the following:
“On February 9th, US President Barack Obama announced the Cybersecurity National Action Plan, a detailed proposal to modernize and strengthen the United States’ information technology (IT) systems.”
“The plan, part of a $19 billion budget invested in America’s cybersecurity programme, focuses on four main areas: modernizing current IT systems; creating a ‘cyber workforce’ through financial incentives; encouraging more effective work and ‘knowledge-sharing’ between both private and public sectors; and, finally, creating a nationwide campaign to raise public awareness of the importance of cybersecurity.”
“The proposals are a clear assertion that the federal budget is still firmly focused on defence, despite a number of cuts. They also make clear President Obama’s efforts to modernize and strengthen America’s systems to counter the growing threat of cyber-attacks.”
“In 2015, the US federal government spent $637 billion on its defense and intelligence services. Comparatively, then, the $19 billion that was set aside for the Cybersecurity National Action plan might not seem enough.”
“While this proposed budget increase is certainly encouraging, the coming years are likely to herald further increases that go beyond the year-to-year rise of 3 percent between 2014 and 2015.”
As of August 2016, the same players, Christopher painter, James Clapper and President Barack Obama are still trying to direct the congress to legislate and fund; and the media to cover our U.S. cybersecurity problems as the U.S. national security risk of our times.
Op–ed by President Obama: Taking the Cyberattack Threat Seriously/ Whitehouse.gov (press release)–Jul 20, 2012
(PDF)1 Testimony of Christopher M. E. Painter, Coordinator for Cyber Issues … http://www.foreign.senate.gov/download/051415_Painter_Testimony/ United States Senate May 14, 2015 – Testimony of Christopher M. E. Painter, Coordinator for Cyber Issues,. U.S. Department of State. Before the Senate Foreign…
Obama voices concerns about cybersecurity throughout government/ The Hill–Jul 11, 2016
Final A-130 revisions focus on cybersecurity, privacy – Federal Times www.federaltimes.com/story/government/it/…/07/…a130…/87607286/Federal Times Jul 27, 2016 – After more than 15 years of advancement passed it by, the Office of Management and Budget released an update to Circular A-130…