When most people think of international attacks, they think of bombs, tanks, and guns: things that can be touched, seen, and heard. For most of history, they have been right — this is how conflict has looked for centuries. Now, however, the advent of new technology has given rise to new threats, ones that are subtler and formless but no less real, and certainly no less dangerous.
Cyberattacks are a rapidly growing threat, both to government agencies and the nation as a whole. Every minute, 208 new malicious files are created, 137 new malware samples are captured, $761,000 is lost due to digital crime, and $1,900 is paid in ransomware. The average US firm loses $30 a minute to hacking attacks. Make no mistake—cyberspace is an active warzone.
In many ways, it’s a much trickier battlefield than those in the physical world. In the borderless realm of cyberspace, the distance between, say, North Korea and the US shrinks to nothing. Cyber attackers have unlimited and instantaneous reach directly into the heartland of our country.
Our enemies are already making use of new tools. In November 2014, North Korea was associated with a cyberattack on Sony Pictures, which leaked not only confidential data about the business, but also personal information of employees and their families. In February 2016, a North Korean cyberattack robbed Bangladesh Central Bank of $81 million. Most recently, North Korea was linked to the massive ransomware attack known as WannaCry, which hit 300,000 computers in 150 countries, encrypting critical data and demanding a ransom for its release.
WannaCry severely crippled key infrastructure around the world. This included the Department of Homeland Security, 25% of India’s national police systems, dozens of hospitals in the UK’s National Health Service, 100,000 computers at various Chinese universities, and major businesses such as Deutsche Bank, Nissan, FedEx, and Hitachi. The sheer reach of this attack is chilling. With a single piece of malware, North Korea was able to disable critical systems and agencies across the globe.
North Korea is hardly alone in this. Syria boasts the Syrian Electronic Army, which was trained, equipped, and supported by Iran and targets Western media sources, such as the Washington Post, the Chicago Tribune, the Financial Times, and Forbes, as well as companies like Dell, Microsoft, and Ferrari. Iran boasts its own organized groups of offensive hackers, including the Basij Cyber Council and units directly under the Iranian Revolutionary Guards Corps. China has the PLA Unit 61398, a hacker division of the People’s Liberation Army that has been attacking a wide range of government and corporate agencies since at least 2006. There has also been a trend of increasing cooperation between these parties, all of whom are generally unfriendly to US interests.
Perhaps the most infamous example of the current power of cyberattacks—and the need for better defense—is the recent presidential election. The Office of the Director of National Intelligence has concluded “with high confidence that Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election, the consistent goals of which were to undermine public faith in the US democratic process.” This was a complex attack, executed via a range of interference methods, including a network of quasi-government trolls, spear phishing, and the use of botnets to spread misinformation on social media and compromise sensitive data. Over 120 election officials’ computers were attacked, as were voter databases, compromising some 90,000 records. A full 39 states experienced some form of attack, and the full extent of the Russian penetration is still uncertain.
This cyber sabotage was intended to manipulate public opinion on the trustworthiness of traditional news sources and instill a distrust in our most basic democratic processes.
All of this is only the tip of the iceberg. Cyberattacks on critical infrastructure continue to increase in number and frequency. This extends to financial systems, healthcare, airports, rail networks, electric grids, and more. Safeguarding America is not just a question of guns and tanks, but of new, intelligent cyber protection systems, ones that can not only defend the vulnerable points of critical systems but can learn and evolve faster than the proliferation of cyberthreats.
Traditional security methods can no longer keep up with the evolving threat landscape. New approaches, such as those using artificial intelligence (AI), are needed. In essence, the only technology that can properly guard against the rapidly growing and changing threat landscape is one that can learn and evolve faster than the threats it prevents. The defense of the nation and government is no longer limited to the physical world; some of the most important battles of the future will take place beyond what can be seen, heard, or felt. It’s time to see national security for the new paradigm it is, and develop the new solutions it requires.
General Allen has served in a variety of command and staff positions in the Marine Corps and the Joint Force. He served as Special Presidential Envoy for the Global Coalition to Counter the Islamic State of Iraq and Levant, Commander of the NATO International Security Assistance Force in Afghanistan, and Deputy Commander of Central Command. He serves on the board of directors of several firms including SparkCognition. He was the co-recipient of the 2015 Eisenhower Award of the Business Executives for National Security.