Ed. Note: This article first appeared in the merkle
Before Donald Trump became President Donald Trump, he made public his lack of knowledge regarding digital technology. At one of the presidential debates, Trump lumbered through an incoherent argument on cybersecurity, making statements like “The security aspect of cyber is very, very tough. And maybe, it’s hardly doable,” and “When you look at what ISIS is doing with the Internet, they’re beating us at our own game.”
However, all those months ago, one thing President Trump said about cybersecurity actually rang true: “We have to do better.”
While many U.S. citizens remain fearful of car bombs and hijacked planes, terrorism is slowly and surely moving online.
In recent years, terrorist groups have attacked a number of organizations, including Sony, Microsoft, and Ashley Madison, and it won’t be long before nations begin waging fully cyber-wars.
Just before he left office, Obama began making moves to counter cyberterrorism and protect the U.S. against cyber-warfare with a commission on enhancing national cybersecurity, but one study found that nearly 75% of intelligence officials doubt Trump understands the gravity of protecting “the cyber.”
Thus, in a time when governments should be investing in cyber-protections to safeguard its people and assets, America might be leaving its secrets and therefore its citizens vulnerable.
AVENUES FOR CYBERWAR
In 2010, cybersecurity experts identified the first-ever digital weapon, malware called Stuxnet that could cause physical damage – potentially on a massive scale.
The malicious files can easily manipulate a computer, like any other virus; however, more importantly and absolutely unique to Stuxnet, the files can control any equipment infected computers control.
In the case of Stuxnet, that meant the centrifuges at a uranium enrichment facility in Iran, but it could mean the controls within nuclear reactors or nuclear warhead sites.
Stuxnet proves that not only is cyber-warfare possible, – it is probable, and it could happen in the near future.
However, even this type of cyber-warfare is developing at a relatively slow pace.
More often, cyber-aggression takes a form similar to the attacks on Sony Pictures, which the U.S. government claims were ordered by North Korea.
That same year, North Korea saw its entire web and internet infrastructure go down for nearly 10 hours after an attack that many suspect was retaliation from the U.S.
This is the cyber-warfare most experts expect: theft of data and disabling of systems.
It is already occurring, but the U.S. is woefully unprepared to handle increasing threats, and in many ways it is leaving private citizens to fend for themselves with maximum internet security software and other small-scale, individual protections.
HOW THE GOVERNMENT COULD RESPOND
President Trump and his administration could address the looming cyber-threats head-on with a strong plan for nationwide security.
The most pressing issue, many experts agree, is that the tech industry remains largely unregulated.
Most of the IT infrastructure used by citizens, businesses, and the American government is wholly in the hands of private enterprises, which are interested primarily in producing new, exciting, and profit-making products, often regardless of their security.
Ideally, the government would draw strict lines between private and public cybersecurity roles and create mandatory standards for private devices – but the GOP’s fondness for deregulation makes this action unlikely.
Trump could inspire change in the tech industry by leveraging the government’s position as perhaps the largest customer of technology.
Demanding vendors meet certain security standards would spark competition for advanced security throughout the industry as hopeful companies contend to win coveted government contracts.
Never before has the government used acquisition requirements; instead, there are recommendations, but even those are not stringent enough – they pale in comparison to suggestions the government gives to banks.
Finally, the government could open its doors to cybersecurity professionals, teaching them what it knows about existing and emerging cyber-threats.
As it is, security experts often learn about threats after they have already wrought havoc on businesses and citizens.
Government trainings could help the tech industry get ahead of digital dangers, helping everyone become better protected.
In his short time in office, President Trump has weathered an inordinate amount of allegations about cyber insecurity – first that the Russians hacked political groups to influence the election, then that Obama and the CIA digitally infiltrated Trump’s campaign.
If the cyber-scandals already affecting President Trump’s legacy do not spur him to improve America’s cybersecurity, perhaps a full-on cyberwar will.