The flurry of cyber strategies from the White House and the Pentagon will require a new set of tools and tactics, government officials and experts said during the CyberCon conference hosted by Fifth Domain Nov. 1.
After President Donald Trump and the Pentagon unveiled cyber strategies that promised greater offensive operations earlier this year, the government will increase its attribution of bad actors and need to have greater intelligence collection, the experts and government officials said.
The White House cyber strategy’s biggest change is an emphasis on attributing bad actors in cyberspace, Dave Frederick, the chief of strategic counter cyber operations at the National Security Agency told reporters after the event.
Attributing and indicting foreign hackers in cyberspace can be a deterrent for their offensive cyber operations, said Megan Stifel, a nonresident senior fellow at the Atlantic Council. Even though Stifel said that charging foreign hackers is not likely to lead to arrests, she argued it was important to create norms in cyberspace.
In recent months, the Department of Justice has indicted a slew of Russian, Chinese and North Korean hackers. Many of those attributions have taken place in coordination with foreign governments.
The process of attributing hacks in cyberspace is much more complicated than is commonly believed, said Eric Brown, a vice president at ManTech, a cybersecurity contractor. He said that the emphasis of attribution in the cyber strategies will require new tools for business and government.
“The amount of intelligence and resources to come up with a high-confidence attribution is just baffling,” Brown said.
Beyond the process of attribution, the new cyber strategies embrace the idea of “defending forward,” or having intelligence of an enemy’s offensive cyber operations before it takes place, Clark Cully, a cyber adviser at the Pentagon said during the event.
The increased intelligence and offensive operations will require new tools, said Brown.
The new capabilities may require more congressional oversight, said Matthew Rhoades, a managing director at the Aspen Institute.
Currently, lawmakers receive quarterly briefings from the Pentagon regarding offensive cyber operations. However lawmakers have shown little initiative to restrict the president’s new cyber authorities. Lawmakers have told Fifth Domain that they support much greater offensive cyber operations and are not as focused on oversight.
Even though some officials say the cyber strategy may promise a new era, Cully, said that manpower underlies all of American digital operations.
“Technology is important, but per the last strategy, per this strategy, and per the next strategy … people are the most important part.”