Published on October 14th, 2022 📆 | 1963 Views ⚑
0Cybersecurity Pros Warn of Danger Ahead With Russia, China, and Beyond
A cybersecurity talkfest Thursday evening in Washington, D.C., may have left attendees needing the drinks served at the reception afterwards.
âWe're actually entering perhaps one of the most dangerous times that we've had in the cyber domain,â said Dmitri Alperovitch, co-founder and chairman of the Silverado Policy Accelerator(Opens in a new window) think tank.
Speaking at an event hosted by Axios(Opens in a new window) and sponsored by Silverado and Google, Alperovitch cited two causes for cybersecurity concern.
One is Russian President Vladimir Putin escalating his countryâs unprovoked invasion of Ukraine by annexing parts of that countryâincluding areas in which Russian troops have been surrendering to advancing Ukrainian soldiers.Â
âIn some ways, Putin is metaphorically burning the boats,â Alperovitch said, suggesting this increases the chances of Putin reacting to continued Western help for Ukraine with retaliatory cyberattacks.
The other happened in D.C. on Friday, when President Biden announced sweeping restrictions on the sale of advanced semiconductor hardware to Chinese firms.Â
âWe are effectively introducing massive export controls against China,â Alperovitch said. But while he supports isolating Chinaâs technology sector, he warned the move could also incite digital retaliation by China.
His fellow panelist Heather Adkins, Googleâs vice president of security engineering, countered with cautious optimism.Â
âI think a lot of companies are much better informed,â she said, citing hard lessons learned about ransomware attacks and cryptocurrency heists. âIt's much more real for them.â
Adkins emphasized such advances in resilience as cloud services that allow faster restoration of apps and data. âThe ability to recover from attacks is just as important as the ability to prevent them,â she said. âBecause no matter what, we're all going to get hacked.âÂ
A documentary series screened before moderator Chris Frates(Opens in a new window) interviewed Adkins and Alperovitch made that point for her. The first episode of the Google-produced series Hacking Google(Opens in a new window) covers how the tech giant scrambled to respond to a Chinese hack of its systems(Opens in a new window) in 2009, with prominent appearances by Adkins and Alperovitch.
At the end of the panel, Adkins voiced confidence that we can âget out of this problem where you get malware on your machine and suddenly it hijacks your whole life."
Alperovitch stayed pessimistic. âWe're facing a sentient opponent,â he said. âJust like we will never solve crime, we will never solve cyber.â
Identifying What's Most at Risk
So how can Washington reduce these risks? The Axios event began with cybersecurity reporter Sam Sabin quizzing National Security Council tech-security advisor Anne Neuberger about the Biden administrationâs agenda.Â
Neuberger said that since last springâs ransomware attack against Colonial Pipeline, the administration has taken a sector-by-sector approach to identify infrastructure most at risk and raise minimum standards of defense.
âThe goal is looking across all of critical infrastructure and ensuring that it cannot be disrupted, whether by a nation-state or by criminals,â she said.
Recommended by Our Editors
But even after such public debacles as the Colonial hack taking some 5,500 miles of pipeline offline, Neuberger said some industry executives needed convincing, which the White House offered in classified briefings sharing context they couldnât see in their offices.Â
The administrationâs next move will focus on customers: As the White House announced Tuesday(Opens in a new window), it will develop an Energy Star(Opens in a new window)-style cybersecurity label so that shoppers can know to look for that certification.Â
Another security shift is drawing near at the Federal Communications Commission, which is drafting an order to ban US purchases of hardware from the Chinese firms Huawei and ZTE.
Neuberger said Chinese laws required the US to take that step to protect the privacy of American citizens: âWe know the regulations in China, which require the companies to provide data on demand.â (No, TikTok did not come up in this discussion.)Â
One of her predecessors in previous Republican administrations gave these efforts a cautious thumbs-up in the eveningâs final talk. Trinity Cyber(Opens in a new window) President Tom Bossert, a homeland-security advisor under Presidents George W. Bush and Donald Trump, told Sabin that the current White House speaking publicly about these risks represents a welcome change.
But, he added, the administration should prioritize adapting to lessons learned over sticking to an announced plan: âI want them to be willing to give up on failed attempts quickly.âÂ
(Disclosure(Opens in a new window): Google licensed a photo I took at a security conference for inclusion in the Hacking Google documentary.)
Like What You're Reading?
Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.
This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.
Gloss