State-sponsored hacking once again captured countless headlines this year with news of Russia’s interference with Brexit, China’s alleged installation of malicious microchips into servers used by U.S. companies, North Korea’s bank hacking with APT38, and more. Around the world, countries are responding with increased regulation, and even dedicated government cybersecurity units like U.S. Cyber Command and the U.K.’s new cyber defense force. The question is, are government cybersecurity units ultimately good or bad?
In a recent GeekWire article, Ricardo Arroyo, Sr. Technical Product Manager at WatchGuard, explores the topic of government-driven protection – the good, the bad and the bureaucracy.
He mentions that capitalist-based economies rarely make cybersecurity a top priority without financial or legal incentives. With the birth of GDPR, the California Consumer Privacy Act of 2018 and new government cyber units, it’s clear that the world is placing a higher emphasis on security. Although there are downsides, government cyber units can be a good strategy to prevent and combat malicious actions from outside threats. Ricardo also points out that these units are beneficial in that they force the subject of security out of the shadows, and can spur greater security innovation and expertise.
However, it’s not all positive. In the article, Arroyo covers what it takes for government cybersecurity units to function effectively, including stockpiling and using exploits. Ultimately these practices can put public and private organizations at risk. He explains:
“Before we dive into the issues with government cyber units, it’s important to understand what it takes for these organizations to accomplish their goals. The U.S. Military Joint Publication 3-13 defines cyber warfare (a.k.a. Computer Network Attack, or CNA) as “actions taken via computer networks to disrupt, deny, degrade, or destroy the information within computers and computer networks…” and cyber intelligence gathering (a.k.a. Computer Network Exploitation, or CNE) as “intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks.” The success of these actions is wholly predicated on having access to the target’s computer or network.”
So what’s the verdict? Good, bad or bureaucratic? Read Arroyo’s full article on GeekWire for the complete assessment, or dig deeper into this topic via two recent 443 podcasts on Secplicity titled “Nation State Attacks” or “Where Do Hackers Come From?”