Experts Weigh In On How U.S. Should Respond To Massive Computer Hack
NOEL KING, HOST:
How should the U.S. government respond to a computer hack that breached both government networks and private companies? Most cybersecurity experts think Russia is responsible for the hack. And NPR's national security correspondent Greg Myre has been talking to some of them. Good morning, Greg.
GREG MYRE, BYLINE: Good morning, Noel.
KING: Perhaps most importantly, is the hack over?
MYRE: Absolutely not. It's still ongoing, and we're continuing to learn details. We've heard now that the Treasury Department hack occurred in July. And, like other government departments, this was just uncovered in recent days. The email of top officials was hacked, though apparently not the account of Treasury Secretary Steve Mnuchin - also, no evidence that classified systems were breached. This information has come from Democratic Senator Ron Wyden, who was briefed on the matter.
And we can expect this kind of information to sort of dribble out in the weeks and months ahead as government agencies and private companies go through their computer networks. But clearly, much of this is going to fall on the Biden administration to make sure the hack inside government computer networks is over, that there's clear attribution on who did it and then to decide how to respond.
KING: These major breaches have happened before. Does the government have a strategy to deal with them?
MYRE: No, absolutely not. Again, there are no rules or red lines or clear consequences for adversaries who get caught. Now, to date, what we end up seeing is lots of hand-wringing and ultimately some sort of limited responses. Right now with this current hack, we're seeing wrestling over the definition. Some members of Congress call this an act of war. Now, cyber experts in the intelligence community do see it as a big deal but more along the lines of traditional espionage, albeit on a massive scale. I spoke about this with P.W. Singer, a cyber expert at the New America think tank.
P W SINGER: This was not an act of war. This is more Cold War-style back-and-forth espionage, stealing of secrets. That's why you've seen the reaction from the intelligence community to be a mix of, oh, my God - what just happened? - and, gosh, we've got to tip the hat to them; what a coup for them.
KING: So if there is no clear way to respond, Greg, what are the range of options here?
MYRE: Well, traditional spying might generate public criticism, kicking out suspected spies or perhaps some sanctions. But when this has happened, it really hasn't changed the behavior of Russia or any other adversaries. They still see hacking as a low-cost, high-return proposition. Singer says the U.S. can and needs to do much more and should create deterrence in two ways, gave a boxing analogy, saying the U.S. needs to punch back harder and also develop more resiliency to absorb the growing number of cyber blows.
SINGER: I make the parallel to Mike Tyson - you don't hit him 'cause he'll punch you back in the face - versus Muhammad Ali - rope-a-dope, right? - through resilience, where you don't hit me because it just won't work out for you.
KING: What else do we know? So we know that the government and private companies were both hacked. What do we know about the private companies? We haven't heard that much from them. Have we?
MYRE: No, that's right, but we are hearing more. The hackers clearly targeted many tech companies, and this makes a lot of sense. They - the hackers clearly want these cutting-edge cybertools that these companies have so, presumably, the hackers can use them themselves. And the first organization to detect this hack two weeks ago was FireEye, a prominent cybersecurity firm.
FireEye CEO Kevin Mandia spoke with NPR's All Things Considered yesterday, and he said these hackers were extremely sophisticated, and once they got into the system, they carried out an operation that was specifically designed to attack FireEye. He realized very early on, as they launched their own investigation, that this was a level of tradecraft he'd never seen before. And he said the scale of this hack really drives home the need for a strong national cyber policy.
(SOUNDBITE OF ARCHIVED NPR BROADCAST)
KEVIN MANDIA: It's time this nation comes up with some doctrine on what we expect nations' rules of engagement to be, and what will our policy or proportional response be to folks who violate that doctrine? Because right now there's absolutely an escalation in cyberspace.
KING: It just seems astonishing that we don't yet have the doctrine in the year 2020. The U.S., however, does have a lot of cybersecurity might. What is preventing us from using it more effectively?
MYRE: Noel, you're still seeing a lot of things that are in the works. Homeland Security's cyber agency was just launched in 2018. It focused on the elections this year and, by all accounts, did a good job. Right now, there's the military authorization bill on the president's desk waiting to be signed. It has money for additional cyber upgrades. And by all accounts, you're seeing a lot more cooperation between the government and private tech companies.
But this country is losing huge sums of money due to these cyberattacks. And a couple years ago, the NSA director, Paul Nakasone, was at his confirmation hearing, and he was asked if adversaries fear the U.S. in cyberspace. He said, the answer is absolutely not.
KING: NPR's Greg Myre. Thanks so much, Greg.
MYRE: My pleasure. Transcript provided by NPR, Copyright NPR.