By: Tom Kellermann
CEO, Strategic Cyber Ventures
Winter is coming in 2017. Geopolitical tension will serve as the harbinger for destructive cyberattacks in 2017. In 2017; we will see a dramatic increase in the Pawnstorm campaign due to tensions with NATO over the security of the Baltics. We will see a resurgence of Chinese hacker activity in parallel with President Trumps isolationist rhetoric. Domestically, more disillusioned American voters will turn toward hacktivism to unleash their fury. These actors might swell the ranks of Anonymous and develop alternative organized hacktivist crews. What will be most interesting is how these attacks are leveraged and what they manifest. Given these harsh predictions we must redesign our defenses and manifest proactive public policy. Congress and the administration have a role in civilizing American cyberspace. Here is my cyber action plan.
- DOJ and the Federal Trade Commission should update their “Antitrust Policy Statement on Cybersecurity Information Sharing” (2014) to state clearly that antitrust laws should not pose a barrier to intra-industry coordination on active defense against cyber threats.
- Congress should reassess language in the CFAA and the Cybersecurity Act of 2015 that constrains private sector activity on active defense, to ensure that low and medium-risk active defense measures are not directly prohibited in statute. g. Active defense tools should be available to the private sector. Example: Deception security technologies
- Congress should expand forfeiture laws to include digital currencies and alternative payments systems who facilitate money laundering associated with cybercrime and espionage. The proceeds of this forfeiture should be allocated to critical infrastructure protection in cyberspace. In this vein AML Statute and FATF must be modernized.
The Trump Administration should:
- Elevate Cyber-Command and allow her to augment our cybersecurity.
- Appoint a Cybersecurity Ambassador and correspondent Cyber-attaches.
- Mandate that 20% of Federal IT spend be allocated to cybersecurity via OMB.
- Mandate that the US trade Representative make “industrial espionage facilitated by cyber” an agenda item for the next WTO meeting.
- Establish the Superfund for Cybersecurity from the forfeited assets of cybercriminals.
- Double funding for DOJ and DHS per cybercrime investigations.
- Modernize the FCC to tackle DDOS via authorization to sinkhole C2.
We are being colonized in cyberspace. Our natural borders cannot thwart the cyber-insurgency we are facing. American Cyberspace must be civilized. Our National and Economic Security depend on it.