General Discussion
Related: Editorials & Other Articles, Issue Forums, Alliance Forums, Region ForumsUS lacks credible response to Chinese hacking
A new report by the US National Security Agency (NSA), Central Intelligence Agency (CIA) and the Federal Bureau of Investigation (FBI) reveals just how difficult, if not impossible it is, to fix cyber vulnerabilities caused by Chinese-supported intrusions.
It does not offer an alternative to current-day computing networks and is indifferent to Cloud-based networks as being any more secure than wired networks.
The bottom line is that the critical infrastructure, which includes key industries, business, government and military systems, remains hostage to Chinese hacking and represents a major national security danger to the US and its allies, far surpassing the Russian ransomware attacks that also have hit some infrastructure targets.
The report is titled Chinese State-Sponsored Cyber Operations: Observed TTPs.
A key finding of the report is the massive intrusion of Microsoft Exchange servers, which Microsoft advertises as efficient and secure. The report makes clear this is not the case.
https://asiatimes.com/2021/07/us-lacks-credible-response-to-chinese-hacking/
The US has a long way to go to develop the technical capabilities and operational discipline to secure its critical IT infrastructure. Besides the expertise needed and the expense involved, there are two political problems:
1. US leadership includes too many lawyers who think that cyberattacks can be deterred by laws and legal enforcement measures, rather than by designing and implementing defensive technical measures.
2. US leadership includes too many security establishment types who fear that making IT infrastructure more secure will blind their organization's law enforcement and counterintelligence activities.
In the absence of adequate defensive measures, the logical and most effective technique is to go on the offensive against both State and non-State actors. Our offensive capabilities are formidable and second to none, let's use them and discourage further attacks.
Klaralven
(7,510 posts)The US has a lot of soft targets.
inwiththenew
(972 posts)When the Chinese hacked the Office of Personnel Management.
[link:https://en.wikipedia.org/wiki/Office_of_Personnel_Management_data_breach]
We are constantly playing whack a mole with Chinese and Russian hackers.