Whether it’s foreign government meddling or corporate hacking, every day brings a new challenge in cybersecurity for the United States, said experts at a recent Hoover Institution media roundtable.

Fifteen members of the national media attended the October 1 discussion, “Outside the Beltway,” which included talks by scholars from the Hoover Institution and Stanford’s Center for International Security and Cooperation (CISAC), cosponsors of the full-day event. The media included the Wall Street Journal, NBC, CNBC, Bloomberg, Reuters, The Hill, CNET, Politico, The Washington Free Beacon, Axios, and RealClear Politics, among others.

Speakers included Herb Lin, Hoover research fellow and senior research scholar at CISAC; Alex Stamos, Hoover visiting scholar and CISAC fellow; Andrew Grotto, Hoover research fellow and research scholar at CISAC: John Villasenor, Hoover senior fellow; Irving Lachow, Hoover visiting fellow; Sean Kanuck, Hoover visiting fellow; Max Smeets, CISAC postdoctoral fellow; and Gregory Falco, CISAC postdoctoral fellow; and others from the private sector.

Cyber conflicts

Grotto said many cyber attackers disguise their operations by using another country’s cyber facilities and locations. He describes this as “third country issues,” which occur in cyberspace as well as on other fronts.

During the Cold War, for example, the Soviet Union used Mexico City as a base of covert operations against the United States, according to Grotto. Even though the United States lodged complaints with the Mexican government, the latter continued to allow the Soviet influence-peddling and spying activities.

Kanuck described how trends in cyberspace are producing outcomes such as “fake news,” “fake” and real crime, European data regulation, and an inability to develop unified, international approaches to cyber deterrence.

Looking ahead, he said we may encounter the first death from a malicious cyber activity, limitations on some cloud services, and continued attempts by foreign and domestic groups to influence elections through social media.

“This is a weapon and a space that is designed to help authoritarians,” Kanuck said, noting that open societies are much more vulnerable to cyber meddling than closed ones that can block websites, and censor and surveil their own people.

Finally, the world will likely one day witness the first official state-sponsored and acknowledged response to a cyberattack, Kanuck added. Russia, for example, is “clearly sending geopolitical signals” about its cyber strengths with its activities.

“Persistent Engagement”

With “bad actors” in Russia, China, North Korea, and Iran, Lin talked about current US policy in cyberspace and the “good, bad, and the ugly” of the situation. The US government’s recently unveiled strategy is dubbed “persistent engagement.”

Lin said that while the United States may understand the cyber domain it operates in, the prescribed “medicine” is not well understood. He explained that such an approach is untested, and it is unclear whether current assumptions about the nature of the threats will reduce cyber threats.

“There is no evidence from history of anywhere else to indicate that this strategy will lead to restraint on the part of the adversaries,” Lin said.

Max Smeets, a CISAC post-doctoral scholar, said it is not certain if current US cyber strategy is actually more aggressive, as not enough operational details exist right now. He spoke about his research into “cyber proliferation” and the difficulty of knowing exactly how many more states than the four noted “bad actors” are building serious offensive capabilities.

“Low Hum”

Asked about Russian election hacking in the 2018 midterms, Kevin Mandia, a speaker and CEO of the cybersecurity company FireEye, said, “We’re not responding to an elevated state of Russian activity right now. It’s more of a low hum,” different than what his company found during the 2016 election season.

He suggested that relying on diplomacy and holding nations accountable—and not following the “a good offense is the best defense” strategy—is a realistic approach to dealing with cybersecurity threats from closed society states.

The roundtable topics covered technical issues in cyber, cyber challenges past and present, cyber conflict, countries, companies, and cyber challenges, among others. The event also included a two-hour simulation exercise with participants assuming the roles of executives at a large, fictitious company that was under a major cyberattack.

 

MEDIA CONTACTS

Clifton B. Parker, Hoover Institution: 650-498-5204, cbparker@stanford.edu