April 28, 2021
Cyber Security Begins Abroad
The Russian Foreign Intelligence Service’s compromise of U.S. company SolarWinds and a variety of other information technology infrastructures has been described as “the greatest cyber intrusion, perhaps, in the history of the world.” According to the Biden administration, the hack gave the Russians the ability to compromise or disrupt potentially 16,000 computer systems worldwide, enabling collection of vast amounts of information from federal departments and agencies, private companies, and other victims.
On April 15, the Biden administration outlined its response. The White House formally attributed the campaign to the Russian Foreign Intelligence Service, expelled Russian diplomats from the United States, imposed sanctions on six Russian technology companies that support the intelligence service’s cyber operations, and issued a new directive imposing sovereign debt sanctions on Russia. The administration’s actions were impressive in terms of their scope, drawing on many U.S. response options simultaneously.
Working with foreign governments to make the internet a more secure place is not just a diplomatic opportunity. It should be a key national security priority.
While the most newsworthy aspects of Washington’s response to Russia was featured in the first two-thirds of the April 15 statement, the last section outlined important steps that will guide America’s international cyber policy for years to come. The Biden administration explained that it would be “supporting a global cybersecurity approach” through international capacity-building projects focused on enhancing understanding of the “policy and technical aspects of publicly attributing cyber incidents” and the provision of training to foreign partners on the applicability of international law in cyberspace. This effort highlights an often overlooked element of U.S. national security and cyberspace policy: Improved cyber security around the world and improved capacity to identify and hold accountable malign actors in cyberspace make the Internet safe for American users and everyone else. When the United States helps its international partners improve their own cyber security, the benefits reverberate across cyberspace.
For the United States, working with foreign governments to make the internet a more secure place is not just a diplomatic opportunity. It should be a key national security priority. International capacity building is particularly critical in cyberspace because threats from hackers, cyber criminals, and hostile intelligence services originate from all over the world. In addition, ensuring the resiliency of cyberspace on a global scale is imperative in countering China’s growing digital footprint and influence.
Read the full article from War on the Rocks.
More from CNAS
-
Five Objectives to Guide U.S. AI Diffusion
Commentary
The Framework for AI Diffusion (the Framework) is an ambitious proposal to shape the global distribution of critical AI capabilities, maintain U.S. AI leadership, and prevent ...
By Janet Egan & Spencer Michaels
-
Shaping the World’s AI Future: How the U.S. and China Compete to Promote Their Digital Visions
Commentary
As the United States navigates evolving global AI competition, balancing these elements will be crucial in determining whose AI systems — and by extension, whose approaches, v...
By Keegan McBride
-
Countering the Digital Silk Road: Brazil
Reports
Project Overview This year marks the 10th anniversary of the Digital Silk Road (DSR), China’s ambitious initiative to shape critical digital infrastructure around the world to...
By Ruby Scanlon & Bill Drexel
-
Promethean Rivalry
Reports
Executive Summary Just as nuclear weapons revolutionized 20th-century geopolitics, artificial intelligence (AI) is primed to transform 21st-century power dynamics—with world l...
By Bill Drexel
