America’s cybersecurity failings have received lots of attention in recent years. Yet most Americans dramatically underestimate the breadth and complexity of this challenge.
And so on.
These are the headlines. Bad enough. But underneath most people’s radar is an endless stream of striking facts, such as the announcement by the IRS — which hosts massive troves of highly sensitive information about American citizens — that it experiences 1.4 billion cyberattacks a year.
Second, what we don’t know about cyber intrusions is even more staggering. Hackers can infiltrate computer networks and cause trouble without being detected. The Russians, for example, have been roaming inside numerous key federal government departments (including the departments of State, Homeland Security, Commerce and Energy) for many months. No business or government can achieve full visibility into its cybersecurity posture. We simply don’t know the full extent of cyber intrusions, the damage they cause and the potential for additional harm.
And we never will.
This is a basic fact of the cyber world: The internet connects computer networks in an elaborate global web which millions of sophisticated entities traverse skillfully and anonymously. And often maliciously.
This combination — of what we know and what we don’t know about cybersecurity — requires exponential strengthening of the U.S. government’s offensive and defensive cyber capabilities.
Cybersecurity is, indeed, not just one discreet aspect of our national security, such as our land or air capabilities. Computer networks undergird and pervade our entire national security infrastructure — which, of course, must be connected digitally in order to function. We must have cyber capabilities that exceed those of our adversaries, for the same reasons our traditional military capabilities must do so.
The internet has made the world not just flat but deeply interconnected. U.S. government agencies and businesses are comprehensively linked by computers to every nation in the world. All at once. The potential for damage to our national interest is incalculable.
Right now, for instance, Russian cyber warriors are rummaging through large repositories of highly sensitive and confidential U.S. government information. That we know. But what don’t we know? Who else may have infiltrated our government’s information technology systems? Where is the iceberg’s tip and where is its core? The need for a transformative increase in our cybersecurity capabilities is urgent.
A paradigm shift in how we think about cybersecurity — from a discrete and emerging dimension of international relations to a central feature of our national defense — must happen. Not before it’s too late; it already is. But before hackers inflict fundamental and irreversible damage to our way of life.
William Cooper (email@example.com) is a cybersecurity expert who has written for The Baltimore Sun, New York Daily News, Wall Street Journal and USA Today, among others.