Get free updates on Cyber Security
Stay informed with our daily email, the myFT Daily Digest, summarizing the latest news in Cyber Security every morning.
Viktor Zhora, the face of Ukraine’s successful fight against Russian cyber attacks, was warmly welcomed at Black Hat, the world’s largest cyber security event in Las Vegas.
“Since 2014, the adversary has greatly challenged us,” said Zhora, the deputy chair at Ukraine’s special communication and information protection service, referring to the year of Russia’s annexation of Crimea. “By the time of the full-scale invasion in February last year, cyber had become a major component of hybrid warfare, and we have evolved to counter it.”
Zhora received praise and fist bumps from attendees, including Jen Easterly, the director of the US Cybersecurity and Infrastructure Agency, who said, “We have learned a lot from Ukraine’s playbook. We’ve probably learned as much from you as you have learned from us.”
However, behind the scenes, cyber executives at the event argued that the US and its allies, who have supported Ukraine’s cyber defenses financially, have not fully utilized Ukraine’s experiences. They complain that the West is hindered by regulatory and legal roadblocks, preventing the fast and efficient sharing of sensitive information that is crucial for swift responses in the cyber domain.
“The reality in Ukraine is difficult for most Western countries to comprehend,” said Matt Olney, director of threat intelligence and interdiction for Cisco Systems. He recounted an incident where Cisco’s proposal for a major security upgrade to a state’s election system stirred confusion and outrage among US authorities. Olney’s Ukrainian colleague responded, “This is war. I say do it, and they do it.”
The US and its allies in Europe and Asia are already engaged in low-level cyber aggression and espionage against Russia, China, Iran, and North Korea. Despite efforts to block them, Russian and Chinese government-backed hackers regularly infiltrate Western systems for disinformation and spying campaigns.
Last month, when the State Department discovered that officials’ emails regarding China had been hacked, authorities claimed to have received insufficient information. This prompted Oregon Senator Ron Wyden to urge federal probes for Microsoft, the provider of the State Department’s emails, to share more technical data about the breach.
Similarly, it took UK authorities 10 months to inform millions of citizens on the electoral register that their data had been exposed to unidentified hackers possibly working on behalf of a foreign nation.
Olney and others argue that when these breaches are discovered, the targeted organizations are slow to share critical information, such as technical data that could help prevent similar hacks elsewhere.
“I believe in radical transparency,” said John Shier, a senior executive at UK-based cyber security company Sophos. “It allows for proactive measures and collective support to overcome shared challenges.”
One obstacle is the US government’s classification of certain details as confidential. Robert Lee, CEO of cyber security company Dragos, revealed that some cases were not immediately disclosed because of classified information.
“There is some truth,” he added, “to the notion that asset owners and operators keep things quiet.”
Another problem is that publicly traded companies are hesitant to disclose potentially damaging information due to concerns about its impact on their share prices. The US is working on legislation to address this issue, with the Chamber of Commerce challenging new rules from the Securities and Exchange Commission that require publicly traded firms to disclose material breaches within four days.
Furthermore, overlapping authority among various agencies has resulted in disorganized responses instead of disciplined collaboration, according to Lee.
“The FBI, DHS, and CISA are tripping over each other and engaging in behind-the-scenes inter-agency conflicts that are far more intense than what the public sees,” said Lee.
During the conference, a US defense department official approached a group of cyber security professionals at a bar and asked why the US hasn’t experienced complex, simultaneous attacks. The official answered his own question, stating, “Deterrence is our defense. They know we have infiltrated their systems as well, and if they attack us here, we can retaliate and cause disruption in Moscow.”
While there is still progress to be made regarding transparency, Easterly, the director of CISA, acknowledged that the fear of escalating tit-for-tat attacks has somewhat restrained chaos.
“There is still some fear of escalation,” she said. “But we are starting to understand that a threat to one is a threat to all.”
Denial of responsibility! VigourTimes is an automatic aggregator of Global media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, and all materials to their authors. For any complaint, please reach us at – [email protected]. We will take necessary action within 24 hours.
