The first rule of strategy is to not boast about what you’re doing to your adversaries when you have glaring weaknesses of your own.
But that’s exactly what the Trump administration has been doing by incessantly talking about America’s offensive cyber capabilities.
Last week, the administration disclosed the Pentagon mounted a cyber operation to prevent Iran from seizing tankers. It’s unclear how successful the campaign was given several ships have already been seized by Iran. In the wake of Tehran’s downing of a Global Hawk surveillance drone this summer, President Trump halted air strikes, but proceeded with an offensive cyber operation that also was revealed.
On Friday night, Trump on Twitter denied involvement in an explosion at an Iranian rocket test site, posting a photo of damage at the Semnan Launch Site One that he said happened during final launch preparations for a Safir rocket. That America’s president denied something that Iran hadn’t revealed raises questions about whether Trump is merely trolling Tehran or whether Washington or Jerusalem was involved and, if so, how.
It’s only a matter of time before we learn what happened in Iran and whether it was an accident or sabotage, including by cyber means.
But in an astonishing blockbuster story earlier this summer, The New York Times reported Washington had installed software into Russia’s electric grids as both a warning and potential weapon to be triggered in the event of a future confrontation. More worrying, administration officials publicly talked up the operation, as if publicly taunting Moscow would somehow dissuade Russia from retaliating.
The revelations the administration has made about America’s offensive cyber capabilities over the past two years are as alarming as they are unnecessary.
The administration’s supporters maintain it’s about time America flexed its offensive cyber muscles as a deterrent to Russia and China’s incessant intrusions. Only if the US starts to hit back twice as hard as it’s hit will its adversaries learn painful lessons and stop their malign activities.
Other analysts suggest a more practical reason for the revelation. Washington’s offensive operations may have been detected, prompting officials to reveal the operation to make clear the administration isn’t fooling around.
Both are unsatisfying answers. The reality is, this administration is simply talking too much about offensive cyber operations at a time when its relative advantage over its adversaries is hard to gauge. Once, America enjoyed a towering cyber advantage. Today, not so much.
Self-satisfied blabbing about US cyber prowess at a time when too much of America’s government or civilian cyber infrastructure — whether cities large and small, facilities, businesses, communications systems and even cars — remains vulnerable to hacking or, worse, attack is downright foolhardy and dangerous.
Before bragging about how it’s breaking into the networks of other nations with a proven ability to be persistent cyber foes, it’s vital the administration do more to secure America’s infrastructure first.
In its annual assessment, the Government Accountability Office found that while security of US networks is improving, vulnerabilities remain as more than 70 percent of past recommendations for improvement had yet to be implemented.
Investment has been made in safeguarding networks at power plants and other critical infrastructure, but nowhere near enough to defend against first-rate Chinese, Russian, Iranian, North Korean or criminal capabilities.
Throughout the summer, major cities like Baltimore and 22 small Texas towns were subjected to ransomware attacks. On what was the third such attack, Baltimore decided against paying the ransom in favor of building a more secure network from scratch. Ransomware, however, remains popular because other cities, like Riviera Beach, Fla., decided to pay $600,000 to get their data back.
Throughout its history, America has been rightly tight-lipped about its most game-changing capabilities.
For decades, one of those capabilities has been the nation’s formidable cyber prowess, including the ability to execute sophisticated and complex offensive operations that adversaries had trouble detecting, much less reacting to.
During those decades, even those intimately involved with such offensive operations wouldn’t even acknowledge their existence, much less blithely talk about them in public. Such operations have been used to great effect in an entirely clandestine way unknown to the target of the operations — or openly enough that the target understands what happened as a warning.
That began changing with the last administration.
Stung by the comprehensive revelation of US capabilities by Eric Snowden and under intense pressure to deter Chinese, Iranian, North Korean, Russian and criminal cyber intrusions, the administration began to discuss national capabilities as a means of deterring ever more aggressive and persistent penetrations of US networks.
Toward the end of the Obama administration, stories surfaced about how the White House had authorized sophisticated cyber operations to thwart North Korea’s missile programs.
As a stream of senior officials like former Marine Corps Commandant Gen. Bob Neller and top analysts have noted, the United States has been at full-scale war in cyberspace for the past decade.
The nature of the conflict demands devolving authority to use such weapons from the office of the president down to operational commanders.
Trump authorized the change to ensure that in an era of fast-moving cyber operations, commanders can move faster to deter as well as punish aggressors.
That’s a good move, but the administration should recognize that if you’re at war against sophisticated adversaries able to penetrate your most classified networks, remain in them for many months despite extensive efforts to dislodge them, and steal your most sensitive corporate and government secrets, including the personnel records of every government employee and most Americans, you’ve got little reason to brag.
Indeed, Russian President Vladimir Putin has repeatedly demonstrated his willingness to use highly sophisticated cyber operations for espionage, disinformation, election meddling and other malign activity.
Ditto for China, which has been as aggressive in cyberspace, deploying a vast force to exploit what is a new domain of warfare.
As for Putin, it’s unlikely he will quietly retreat. He’s going to look for the cyber land mines and hit back at a time and place of his choosing to get even.
Ah, but what if it was all just a bluff designed to panic Russian leaders and set them on a wild goose chase? OK, so what? It’s not like Russia won’t retaliate.
Here it may be worth learning from Israel, which regards cyber as a domain of warfare. In a war, an adversary will attack your nation, its infrastructure, financial institutions and even citizens. They recognize that such an attack could come from missiles and bombs or lines of code. Both can be equally devastating. That means securing your nation and what it holds dear is critically important.
It’s imperative America invest in cyber technologies for defense and offense, including novel concepts to deter, penetrate, fight and defeat as necessary. Developing the people with the requisite skills and developing sophisticated weaponry are both vital.
But first, it’s equally critical we get our house in order before bragging about what we’re doing to other people’s houses, especially when those other people may be as heavily armed and dangerous as we are — and are likely to want to get even.