US lacks credible response to Chinese hacking

A new report by the US National Security Agency (NSA), Central Intelligence Agency (CIA) and the Federal Bureau of Investigation (FBI) reveals just how difficult, if not impossible it is, to fix cyber vulnerabilities caused by Chinese-supported intrusions.

It does not offer an alternative to current-day computing networks and is indifferent to Cloud-based networks as being any more secure than wired networks.

The bottom line is that the critical infrastructure, which includes key industries, business, government and military systems, remains hostage to Chinese hacking and represents a major national security danger to the US and its allies, far surpassing the Russian ransomware attacks that also have hit some infrastructure targets.

The report is titled “Chinese State-Sponsored Cyber Operations: Observed TTPs.”

A key finding of the report is the massive intrusion of Microsoft Exchange servers, which Microsoft advertises as “efficient and secure.” The report makes clear this is not the case.

https://asiatimes.com/2021/07/us-lacks-credible-response-to-chinese-hacking/

The US has a long way to go to develop the technical capabilities and operational discipline to secure its critical IT infrastructure. Besides the expertise needed and the expense involved, there are two political problems:

1. US leadership includes too many lawyers who think that cyberattacks can be deterred by laws and legal enforcement measures, rather than by designing and implementing defensive technical measures.

2. US leadership includes too many security establishment types who fear that making IT infrastructure more secure will blind their organization's law enforcement and counterintelligence activities.