18 February 2015

Questions and Doubts About U.S. Intel Community’s New Cyber Defense Center

February 16, 2015

A new cyber intelligence unit makes sense but is not enough

BOTH THE Japanese attack on Pearl Harbor and the al-Qaeda assault of 9/11 took the United States by surprise. There were warnings of trouble but, as subsequent investigations showed, the intelligence was fragmentary and did not set off the proper alarms. President Harry S. Truman and Congress created the Central Intelligence Agency in 1947 out of a desire for high-quality, objective analysis and out of a determination that Pearl Harbor should never happen again.

This impulse has run deep through U.S. national security and intelligence during and since the Cold War. Now a relatively new threat is leading to surprise attacks on the United States. Some have been thwarted, but many are reaching their target. The cyberintruders who crept into the networks of Sony Pictures Entertainment removed e-mails, salary lists and other sensitive data, undetected, for three weeks before they executed a “wiper” order Nov. 24 to delete data and disable computers. The attack, blamed by President Obama on North Korea, underscored once again the vulnerability of those who depend on digital superhighways — which is to say, all of us.

The White House decision announced last week by Lisa Monaco, the president’s homeland security and counterterrorism adviser, to set up a new intelligence unit to coordinate analysis of cyberthreats is an attempt to learn lessons from the past. The organization is to be modeled on the counterterrorism center established after the attacks of 2001. To the extent that the new cyber center will yield better coordination, the logic is sound. But it is a second-order idea at a time when a first-order crisis confronts the nation.


Today’s cyberthreats demand more than drawing a new box on the government org chart. Ms. Monaco called the Sony attack a “game changer,” and there have been many others as well. Last week, it was disclosed that hackers from China managed to hijack the Forbes.com site and used it to attack the U.S. defense and financial industry. In many recent intrusions, the hackers overwhelmed existing network defenses. It is not at all clear whether the new unit proposed by the White House would change that. Locating this new agency within the Office of the Director of National Intelligence also raises doubts about how transparent and nimble it can be if ensconced behind the thick walls of U.S. intelligence classification and secrecy.

What’s urgently needed is a response that will bring the U.S. government’s sophisticated tools to bear on protecting private-sector networks — before they are attacked. Only Congress can do this, with information-sharing legislation that will bridge legal gaps and overcome suspicions. We hope this Congress will rise to the challenge. At a cybersecurity summit Friday at Stanford University, President Obama correctly appealed for cooperation between government and the private sector and signed an executive order promoting hubs for companies to share information on malware and other threats. But executive orders and new bureaucratic units are not enough. The country’s cyber enemies are unpredictable, capable of surprise and require a far more robust response than has been mounted so far.

No comments: