U.S. military cyber experts play on American fears of Chinese hackers shutting down U.S. power plants and financial systems to justify massive investments in cyber improvements for the Defense Department.
That’s why it comes as a surprise that a cyber defense report ranked China well below two Scandinavian countries and Israel for its cyber defenses. For that matter, the U.S. even fell behind Sweden, Finland and the Israelis when it comes to protecting against cyber attacks, according to a report issued by Security & Defense Agenda, a Brussels-based think tank.
Most cyber attacks still emanate from computers based in the U.S. and China with the U.S. being the worst offender, said Jason Healey, director of the Cyber Statecraft Initiative of the Atlantic Council. Yet those two countries lag behind others when responding to attacks, according to the report.
The Pentagon’s acquisition system is woefully slow in keeping up with new cyber technology that hackers use to penetrate the Defense Department’s network, said Robert Lentz, former U.S. deputy assistant secretary of defense for cyber.
A panel of experts hosted by McAfee, a cyber security company that partnered with Security & Defence Agenda to publish the report, agreed the U.S. military and other federal agencies have a lot of ground to make up to protect against evolving cyber threats.
Phyllis Schneck, McAfee’s chief technology officer, urged the military to consider buying commercial-off-the-shelf technology to protect its networks rather than constantly trying to innovate its own.
Defense officials have identified a recent computer virus coming from China that targets service members’ common access cards and steals the pins to hack into defense computer networks.The cyber panel that met in Washington D.C. on Monday said the government must increase the amount of information they share with private firms about how they protect against attacks.
“The government only inhales, it never exhales,” Healey said.
Government officials protect too much of their cyber defense strategy behind classified barriers making it tough for private firms such as Microsoft or Google to help the government in case of a cyber attack.
“A cyber war is going to be won or lost in the private sector. If you’re under attack who do you really want on your side, [Department of Homeland Security] or McAfee and Microsoft?” Healey asked.