At a glance.
- Inglis confirmed as US cyber czar; Easterly's nomination to head CISA on hold.
- Calls for retaliation and deterrence in the aftermath of the Russo-American summit.
Chris Inglis confirmed as US cyber czar.
The US Senate having unanimously confirmed Chris Inglis as national cybersecurity director (see the reports in BankInfoSecurity and TheHill for details and Congressional reactions), some industry experts are expressing satisfaction with the appointment. Ryan Gillis, vice president, cybersecurity strategy and global policy at Palo Alto Networks, thinks the appointment a very good one: "Chris Inglis brings deep experience countering and responding to the nation’s cybersecurity threats and is uniquely prepared for the work and collaboration it will take to continue improving the government's cyber posture. Palo Alto Networks looks forward to continuing to support the government’s critical cyber mission."
Meanwhile the other pending senior cybersecurity appointment, that of Jen Easterly to the directorship of the Cybersecurity and Infrastructure Security Agency (CISA), has been placed on hold during a Senatorial dispute over immigration enforcement along the US-Mexican border. CISA is part of the Department of Homeland Security, which is responsible for border control.
Retaliation and deterrence.
NPR has an account of the ransomware-as-a-service industry, and President Putin’s ability to curb it. Since cybercriminals aren’t in the Kremlin’s innermost clique, a properly incentivized President Putin could intervene. Whether adequate stressors have been applied may become apparent in the coming weeks.
Bloomberg highlights the importance of enforcing the Biden Administration’s new red line with proportional responses to any violations, since President Putin “is almost sure to test Biden’s resolve,” perhaps going so far as to “launder” future campaigns through foreign contacts. The chosen responses should respect international law to secure allies’ backing and prevent escalation, but must be strong enough to change Russia’s cost-benefit calculus, which currently favors flouting global norms. Washington’s red line signals Government concern for industry and paves a path for other countries to follow.
The Hill argues for a whole-of-nation “strategic defense initiative” encompassing public education, workforce development, network defenses, public-private threat intel-sharing, diplomacy, norms, allied pressure, and counter-measures, without which President Putin will keep leveraging his asymmetric cyber advantage.
KPC News underscores President Biden’s disadvantage relative to President Putin in executing unilateral policies and operations in a fast-paced environment, but notes US intelligence services’ past success at infiltrating and compromising Soviet critical infrastructure. We will know the impact of the Biden Administration’s recent attempts at peacekeeping and deterrence by its fruits: “if the cyber attacks stop, or if the lights in Moscow flicker off one night.”
Newsweek observes that Russian hackers have been tiptoeing towards the US’ red line, at the risk of provoking a military response, given the ambiguity of cyber norms. NATO last week clarified that cyberattacks can qualify as armed attacks that trigger Article Five, and responses to them can be kinetic. The US and Israel have already imposed physical consequences for cyberattacks perpetrated by ISIS and Hamas. Cyber talks are needed to establish ground rules and prevent misunderstandings, just as nuclear talks were needed during the Cold War. President Putin has expressed interest in “no-first-strike” agreements and other high-level cyber negotiations.
Wired stresses the “long road ahead” to altering Moscow’s conduct despite tough talk from Washington and dubious invitations from the Kremlin. President Putin’s inducements to meddle with US democracy are compelling, and his overhead has been negligible. Social media, for example, is still an efficient and inexpensive vehicle for disinformation. The current diplomatic efforts, according to an unnamed US official, are aimed at “destructive” attacks, not spying operations. Work remains to be done on setting the precise parameters for in-bounds and out-of-bounds activity, and some of these conversations may continue to take place behind the scenes, in order to allow President Putin to save face. The media may also be wise not to overhype limited Russian cyber victories, to avoid burnishing the Kremlin’s reputation.
NATO last week issued a communiqué that affirmed the Alliance's concerns about Russian activities in cyberspace (including its practice of permitting cybercriminals to operate from Russian territory against international targets, including critical infrastructure). It also affirmed that the Alliance would consider invoking Article 5, its collective defense clause, on a case-by-case basis in response to cyberattacks. The Washington Post reported this morning that the Tallinn Manual on the International Law Applicable to Cyber Operations, the NATO-sponsored document that’s occupied a leading position framing discussion of cyber conflict, will be undergoing its third revision, the first since 2017.