It takes constant communication to enhance the efficacy of public and private sector entities in detecting and mitigating cyberattacks on everything from federal systems and critical infrastructure to banks and hospitals.
While some have been calling for the Pentagon to take on the lion’s share of involvement, it’s clear that making anyone unilaterally responsible for protecting U.S. networks—both public and private—would drastically weaken cyber defenses.
We are living in an unprecedented time where the global cybersecurity landscape is growing and changing by the day. Cybercriminals are broadening their skills to sidestep defense mechanisms and scale their operations. Threat intelligence shows that cybercriminals are not only finding new attack vectors but are also increasing the frequency with which they execute those attacks. Combine these factors with state-sponsored funding for cybercriminal activity and the problem is even more critical.
Ransomware has emerged as a dominant threat. Over the past six months, there have been 10,666 ransomware variants identified, compared to just 5,400 in the previous six months, according to the most recent FortiGuard Labs threat report. That’s almost 2x growth in ransomware variants in half of a year.
We’re also seeing wiper-related cyberattacks in parallel with the Russia-Ukraine war bleeding out into other countries. Their proliferation worldwide proves there are truly no borders when it comes to cybercriminal activity. This new breed of attackers is using malware to evade cyber defenses, with many of these developers using system binary proxy execution to achieve their goal.
The U.S. Departments of Defense and Homeland Security and the Cybersecurity and Infrastructure Security Agency should work in concert with private businesses, technology providers, utilities companies and leading cyber analysts to collectively deal with the preemption, mitigation and evaluation of attacks on critical infrastructure and key supply chains.
This is already happening to some degree. The most notable example is when industry and DOD worked together to identify and respond to the SUNBURST attack in 2020. General Nakasone, Commander of US Cyber Command, later gave industry credit for exposing the threat to DOD and the NSA.
More recently, in early September, CISA formally started soliciting feedback from industry on cyber incident reporting, allowing some of the most innovative stakeholders to help shape regulatory policy for how government and industry can work in concert to report and defend against cyberattacks in real time and in the aftermath.
CISA Director Jen Easterly got it right when she said at a recent cybersecurity summit that the government and industry cannot take on the worldwide cyber threat alone. “We need to make it such that if you’re a transgressor in this space, the new deal is you got to beat all of us to beat one of us,” Easterly said.
National Cyber Director Chris Inglis has echoed Easterly’s sentiments. “Collaboration has to be built on common cause,” Inglis said. “We don’t want two scoreboards, we want one. We will suggest things to one another no one could’ve done alone. We will solve things no one could’ve solved alone.”
Each partner brings unique value to the table. For years, the private sector has successfully helped arm DOD with tools and knowledge for the new digital battlefield, providing innovations that the DOD otherwise would not have. At the same time, the agency plays an essential role as a convener and coordinator of expertise and information for the broader Defense Industrial Base and is committed to providing strategy and assistance on cybersecurity concerns, as well as performance measurements, either through Cybersecurity Maturity Model Certification or other means. With the Pentagon’s ability to orchestrate complex missions, access to intelligence and a broader vision of national security, it plays an essential role from an operational standpoint.
This is not a go-it-alone problem. The DoD can’t handle these attacks themselves and neither can the private sector. Like the allies our government combined forces with during the physical wars of the past, it must now find its allies in the companies innovating in the digital world. We all have a part to play in harnessing our unique skillsets to address all facets of an ever-changing and ever-evolving threat landscape.
Felipe Fernandez is Sr. Director, Systems Engineering, at Fortinet Federal, a Sunnyvale, California-based supplier of of physical firewalls, antivirus software, intrusion prevention systems and other cybersecurity products and services.
Have an opinion?
This article is an Op-Ed and the opinions expressed are those of the author. If you would like to respond, or have an editorial of your own you would like to submit, please email C4ISRNET and Federal Times Senior Managing Editor Cary O’Reilly.