American Cyber Defenses Must Meet the Moment to Defend Against Cyber Attack Surge

Cyber-attacks targeting the U.S. government have reached an unprecedented peak. These attacks, ranging from targeted ransomware attacks to sophisticated state-sponsored cyber campaigns, pose a serious threat to critical infrastructure and sensitive national security data. This surge underscores the need for comprehensive cyber defenses to safeguard U.S. national security.

The newest report from the Cyber Safety Review Board (CSRB) - a public-private advisory body established in February 2022 to improve U.S. cybersecurity resilience - should raise alarm about the state of our country's cyber defenses. The March 2024 report, which the Department of Homeland Security (DHS) released to the public in April, dissects how Chinese state-sponsored cyber attackers accessed critically important national security data in a breach targeting Microsoft's cloud environment. Among other things, the malicious cyber actors "accessed the official email accounts of many of the most senior U.S. government officials managing our country's relationship with the People's Republic of China." The CSRB called this "the espionage equivalent of gold."

Notably, this breach occurred only months after this warning issued in the National Cybersecurity Strategy: "The People's Republic of China (PRC) now presents the broadest, most active, and most persistent threat to both government and private sector networks and is the only country with both the intent to reshape the international order and, increasingly, the economic, diplomatic, military, and technological power to do so."

The CSRB report is a reminder of the national security stakes involved in strong cybersecurity processes. Without innovation and proactive measures designed to boost cybersecurity capabilities, online defense measures become stagnant and out of date, providing attackers with the time they need to breach our defenses. Ultimately, those responsible for defending our national security-both government agencies and private industry across the critical infrastructure-have a responsibility to build better and better capabilities to prevent and identify the ever-evolving nature of cyberattacks.

The report also notes that a "cascade" of "avoidable errors" led to and magnified the impact of the Microsoft attack. And while some cyber attackers are capable of breaching sophisticated defenses, we must be wary of settling into an acceptance that some breaches are simply the cost of doing business. That's where a robust system of competition for these types of federal contracts can play a role. An overreliance on any one vendor is bound to create problems for government customers, and as has been argued many times over in the ongoing debate about competition in the tech sector, competition is often the best driver for a better product and in the best interest of consumers - which in this case, is the federal government.

Put simply, our government needs the best, most efficacious and most proactive technological solutions to meet its unique needs for the highest quality of service. It must do better than keep pace with malicious actors, who are intent on making use of the latest available technology to exploit vulnerabilities. As the President declared in the May 12, 2021 Executive Order on cybersecurity, "Protecting our Nation from malicious cyber actors requires the Federal Government to partner with the private sector. The private sector must adapt to the continuously changing threat environment, ensure its products are built and operate securely, and partner with the Federal Government to foster a more secure cyberspace."

Additionally, what happens in the aftermath of a cyber-attack is just as important as the preventative measures designed to stop them. Incidents are bound to happen no matter the policies and procedures that a company has in place. Careless mistakes, however, raise the risk. Transparency and accountability in the wake of a cyber-attack are critical. A quick response can minimize the damage of a cyber-attack, and incident and vulnerability disclosure practices are essential to stop similar attacks in the future.

As cyber-attacks against the U.S. continue to surge, it is critical that our cybersecurity strategy evolves to safeguard American national security. Proactive measures are paramount, and transparency and accountability are essential. Together, these measures can prevent cybersecurity pitfalls.