U.S. ‘Dangerously Insecure’ in Preparing for Major Cyber-Attacks
The U.S. Cyberspace Solarium Commission — a bipartisan body of lawmakers, intelligence officials and others — warned that the nation is “dangerously insecure in cyber,” and recommended a series of actions intended to avert damaging attacks on critical infrastructure and the financial system.
The commission’s approximately 80 recommendations include actions such as establishing new cybersecurity committees in both houses of Congress and creating an Assistant Secretary of State to lead a new cybersecurity bureau. It also called for creating a Bureau of Cyber Statistics and passing a national data security and privacy protection law.
“Our country is at risk, not only from a catastrophic cyber-attack but from millions of daily intrusions disrupting everything from financial transactions to the inner workings of our electoral system,” the solarium’s commissioners — U.S. Senator Angus King, an independent from Maine, and U.S. Representative Mike Gallagher, a Republican from Wisconsin — said in a joint statement on Wednesday.
The report stated that neither the U.S. government nor the private sector is prepared to meet today’s cyber threats and that existing shortfalls in preparedness are getting worse. The solarium’s report comes after years of warnings about potential cyber-attacks to the U.S. 2020 presidential election, the financial system and the power grid. Russia, Iran, China and North Korea are using cybertools in an attempt to gain an advantage over the U.S., intelligence officials and experts have warned.
The solarium’s report makes detailed recommendations in areas ranging from the reorganization of the government’s cybersecurity efforts to military and non-military tools for protecting the U.S. in cyberspace. Members of the solarium commission include lawmakers, former senior government officials, private sector and academic leaders, and current officials including Christopher Wray, director of the Federal Bureau of Investigation.
The report, in part, encourages the U.S. to “contemplate how would we restart, reboot, recover in the wake of a catastrophic attack,” Gallagher said in an interview. This preparation “sends a signal to our adversaries that should you choose to test us, we will recover and strike back with speed and resilience even in the worst-case scenario,” he added.
King, his co-chair, said in an interview that the U.S. also needs a “deterrence policy for attacks below the level of catastrophic attack.” The perception among adversaries that they can attack U.S. elections or government entities without real costs has led to a “gap” that the recommendations seek to address, he said.
The commission, created by Congress in 2019, was inspired by the 1953 Project Solarium, which was established by President Dwight Eisenhower to design a strategy for managing the threat posed to the U.S. by the Soviet Union. Its purpose is to “develop a consensus on a strategic approach to defending the United States in cyberspace against cyber-attacks of significant consequences.”