A document released by the Defense Department says that the United States is unlikely to succeed in the global battle on cybersecurity.
The Joint Chiefs of Staff issued the document, recently reported by The Washington Free Beacon, in which they determined the United States cannot obtain dominance in cyberspace due to various limitations in offensive and defensive capabilities.
“Permanent global cyberspace superiority is not possible due to the complexity of cyberspace,” the report said.
“Even local superiority may be impractical due to the way IT is implemented; the fact U.S. and other national governments do not directly control large, privately owned portions of cyberspace; the broad array of state and non-state actors; the low cost of entry; and the rapid and unpredictable proliferation of technology,” the report explained.
“The ability to hide the sponsor and/or the threat behind a particular malicious effect in cyberspace makes it difficult to determine how, when, and where to respond,” the report continued. “The design of the internet lends itself to anonymity and, combined with applications intended to hide the identity of users, attribution will continue to be a challenge for the foreseeable future.”
Only 15 percent of cybersecurity researchers believe the U.S. government and private sector is prepared to defend against a major cyberattack affecting critical infrastructure, according to Defense One.
Cyber Researchers Don’t Think Feds or Congress Can Protect Against Cyberattacks https://t.co/Ax3dn0msPo | @Joseph_Marks_ via @Nextgov pic.twitter.com/tq6jKvZ68M
— Defense One (@DefenseOne) June 27, 2018
The Joint Chiefs’ report advised military commanders to “be prepared to conduct operations under degraded conditions in cyberspace,” citing limited cybersecurity capabilities in the military.
The report explained that just one exploited network segment can compromise other networks.
“Therefore, it is imperative commanders be well informed of the status of the portions of cyberspace upon which they depend and understand the impact to planned and ongoing operations,” it explained.
Sen. Angus King recently urged the Department of Energy to “prioritize cyber defense – including re-establishing a role to coordinate between agencies, and formulating a cyber doctrine of deterrence.”
Today I urged the nominee for the top cybersecurity job at the Department of Energy to push the Administration to prioritize cyber defense – including re-establishing a role to coordinate between agencies, and formulating a cyber doctrine of deterrence. WATCH: pic.twitter.com/XL6BO1eBwP
— Senator Angus King (@SenAngusKing) June 26, 2018
The Departments have been working on plans to boost their cybersecurity capabilities.
In March, military cybersecurity chiefs spoke on Capitol Hill regarding the state of cyber networks in the military. They discussed, among other measures, upward trends in expansion efforts, including investments in new technologies, partnerships and readiness teams.
However, due to a global shortage of qualified cybersecurity professionals, the Defense Department is facing difficulties in hiring experienced teams, The Hill reported. A shortage of 1.8 million is expected by 2022.
Lockheed Martin announced last week that it would be moving to a 15,400-square-foot facility in Port San Antonio dedicated to expanded cybersecurity operations in an effort to land a $30 million contract with the Department of Defense.
The Joint Chiefs’ report noted: “The prosperity and security of our nation are significantly enhanced by our use of cyberspace, yet these same developments have led to increased exposure of vulnerabilities and a critical dependence on cyberspace, for the US in general and the joint force in particular.”