work 2

Cook 2

Christopher Cook 

Mr. Koss

Writing as Inquiry 073

19 November 2021

Unprepared and Outsmarted

In recent times, hacking incidents have uncovered gaping holes in the United States’ methods of cyber security. John M. Donnelly, a writer for S&P Global, explains that “numerous experts say America's ability to fight offensively or defensively in cyberspace is inadequate.”[footnoteRef:1] There is an overwhelming lack of knowledge in the strategies used in cyber-attacks and extremely weak defenses of our critical infrastructures across the country. The United States government’s efforts towards cyber security defenses are weak and are leading to attacks that greatly threatened the wellbeing. [1:  John M. Donnelly, Gopal Ratnam. “US Is Woefully Unprepared for Cyber-Warfare.” Accelerating Progress, 26 June 2019,www.spglobal.com/marketintelligence/en/news-insights/latest-news-headlines/us-is-woefully-unprepared-for-cyber-warfare-52560026. ]

This past year, the United States government discovered Russia was behind a string of cyber-attacks on the U.S. government. These attacks were a colossal threat not only to the U.S. government, but also the private sector. USA Today states that, “the attacks launch back to March”[footnoteRef:2] and that “it remains unclear just how long operatives have been lurking in [the] government's most critical agencies.” Furthermore, USA Today also writes that U.S. officials said the tactics used by the Russian hackers were unlike anything that had ever been seen before in past attacks. This cyber-attack demonstrated that the United States was drastically behind in their knowledge of defense tactics to counter cyber-attacks. The U.S. government was unprepared defensively for this large-scale cyber-attack and remained unaware of this assault for over six months. [2: Johnson, Kevin. “U.S. Formally Links Russia to Massive 'Ongoing' Cyber Attack; Scope of Hacking Unclear.” USA Today, Gannett Satellite Information Network, 6 Jan. 2021, www.usatoday.com/story/news/politics/2021/01/05/u-s-formally-links-russia-massive-cyberattack-hack-ongoing/6552803002/. ]

Critical infrastructures are assets the United States government deems as critical for our society to run properly. These infrastructures consist of dams, electrical plants, water treatment plants, and hospitals. Without heavy protection of our infrastructures, our country is in great danger of being completely shut down, putting U.S. citizens in serious risk. There have been attacks in the past that have shown the detrimental outcome of these assets being shut down.

Over the past few years, the United States has seen a shift in the goal of cyber hackers. Recently, the initiative of hackers was “directed at destruction rather than on criminal activity to make money.”[footnoteRef:3] In other words, hackers now want control and to cause chaos with disabling things such as critical infrastructure. This poses a much greater threat to the United States. [3:  Lohrmann, Dan. “How Vulnerable Is Critical Infrastructure to a Cyberattack?” Government Technology State & Local Articles - E.Republic, www.govtech.com/blogs/lohrmann-on-cybersecurity/how-vulnerable-is-critical-infrastructure-to-a-cyberattack.html. ]

Along with Russia, China has also been viewed as a massive threat regarding hacking into the U.S. government and critical infrastructures. In the past three years, China has been using, “publicly available information sources and common, well-known tactics, techniques, and procedures to target U.S. government agencies.”[footnoteRef:4] This information being publicly available to everyone emphasizes the lack of effort the United States is putting forth in this field. Moreover, China has been able to greatly damage critical infrastructures all over the United States. An example of these hacking methods was seen when China shut down the power grid in Mumbai, India. The New York Times claimed that with this attack, “trains shut down and the stock market closed as the power went out in a city of 20 million people [and that] hospitals had to switch to emergency generators to keep ventilators running amid a coronavirus outbreak.”[footnoteRef:5] This incident demonstrates the damage Chinese hackers can do with unprotected government information and expose [4:  Holmes, Aaron. “Hackers Working for China Have Successfully Compromised US Government Systems, According to a Federal Cybersecurity Agency.” Business Insider, Business Insider, 15 Sept. 2020, www.businessinsider.com/chinese-hackers-compromised-us-government-systems-fbi-cisa-say-2020-9.  ] [5:  Sanger, David E., and Emily Schmall. “China Appears to Warn India: Push Too Hard and the Lights Could Go Out.” The New York Times, The New York Times, 28 Feb. 2021, www.nytimes.com/2021/02/28/us/politics/china-india-hacking-electricity.html. ]

The threat of nuclear weapons and the tension surrounding them has grown colossally in recent years. This is due to the increased threat of hackers and their capabilities with being able to take over infrastructures. The concern stems not from the hacker’s sabotage or exploding the nuclear weapons, rather from the hackers intercepting or jamming communications during a nuclear crisis. Dr Beyza Unal, a senior researcher at the International Security Department, states, “The vulnerability relies on the communication channel, and based on misinformation, the decision maker makes a faulty decision.”[footnoteRef:6] This could lead to the United States military firing or not firing a nuclear weapon. This would lead to the United States deciding that hackers are controlling, which could be catastrophic if it had the wrong outcome. The lack of communications during a nuclear emergency could pose a significant danger to U.S. citizens. With no communications, nations are left completely vulnerable which puts many lives at risk.  [6:  Will Dunn Follow @willydunn !function(d, et al. Can Nuclear Weapons Be Hacked?, 7 May 2018, www.newstatesman.com/spotlight-america/cyber/2018/05/can-nuclear-weapons-be-hacked.]

The United States government was recently hacked by Russia. This was discovered by the government months after the attack had happened. Furthermore, the tactics and software that were used by these hackers were unfamiliar to the U.S. The attack highlighted not only the lack of defense the United States currently has against the sophisticated methods of hacking, but also the poor cyber attribution techniques. Cyber attribution is, “the process of tracking, identifying and laying blame on the perpetrator of a cyberattack or other hacking exploit.”[footnoteRef:7] It took the United States over six months to discover Russia was behind the large-scale cyber-attack on the government. This was due to weak and inefficient cyber attributions. [7:  Rosencrance, Linda. “What Is Cyber Attribution? - Definition from WhatIs.com.” SearchSecurity, TechTarget, 31 Oct. 2017, searchsecurity.techtarget.com/definition/cyber-attribution. ]

Due to the methods of attack constantly evolving, it is pivotal that the U.S. remain prepared defensively in terms of cyber security. The focus must be on defending against cyber-attacks and having effective cyber attributions in order to track the source of the attack. Our country is fighting conflicts in a different time than it was. The methods of war are changing dramatically from ground combat to cyber warfare and the United States must put forth a great effort in order to be prepared and to protect our country against cyber-attacks of significant consequences.