A federal commission has determined that the US is not prepared to deal with a major-scale cyberattack.
The Cyberspace Solarium Commission recently published the results of its year-long analysis of the cyber risks faced by the country, concluding that the country is “dangerously insecure in cyber,” Forbes reported. The commission cautioned that “millions” of cyber intrusions occur daily, disrupting everything from financial transactions to even the democratic electoral process. However, a massive cyberattack aimed at America’s critical infrastructure and economic systems is the one sort of intrusion everybody should be worried about, the report said.
According to the commission, a major cyberattack on US infrastructure and economic systems would “create chaos and lasting damage exceeding that wreaked by fires in California, floods in the Midwest, and hurricanes in the Southeast.”
The federal report’s findings share similarities to those of another previous report prepared by the Federal Reserve Bank of New York, which found that a cyberattack on a major US bank could have overarching effects on other lenders – and even disrupt the greater financial system.
The report also noted that cyberattacks have allowed threat actors – such as nation-states – to cause damage to the US with impunity – “without triggering a significant retaliation.”
America’s increasing connectivity has also left it more vulnerable to cyberattack, the commission noted. With the digital landscape becoming more sophisticated and more individuals, businesses, and governments relying on technology, the more opportunities there are for threat actors to disrupt institutions. The Cyberspace Solarium Commission added that neither the federal government, nor the private sector are equipped to offer adequate data security, resilience, and trustworthiness to protect this digital landscape. The commission believes this is due to a lack in technical expertise, agility in responding to issues, and poor “unity of effort” between not just government agencies, but also between public and private sectors.
In conclusion, the report has called for a multi-layered approach to cybersecurity and mitigation of the damage caused by such intrusions. These layers include working with strategic allies to promote responsible cyberspace behavior; working with the private sector to secure critical networks; and maintaining a “credible capacity” to retaliate against threat actors targeting the US.