Following a year full of massive network breaches, data dumps, DDoS attacks, and a presidential election campaign that finally made the governments start thinking about cybersecurity, it is ridiculous that the officials are still scrambling to understand technology. With comments like understanding the "necessary hashtags" and the 60-day "cyber fix-it," government officials have yet to find a way to deal with increasing sophisticated threats.
Experts urge President Trump to take immediate action on cybersecurity
Experts at the Massachusetts Institute of Technology have said that the presidents from both the parties in the last 25 years have paid lip service to cybersecurity, and that the Trump administration needs to take urgent action to take control of the influx of sophisticated cybercrime. In an extensive report published today, experts said this scattershot approach that many previous administrations have taken to focus on short-term fixes is why "offense remains dominant."
In a world where hackers can sabotage power plants and impact elections, there has never been a more crucial time to examine cybersecurity for critical infrastructure, most of which is privately owned.
MIT, along with experts from the technology industry, government, and academia have written this report with a focus on creating a better security environment in five to ten years, not just a short-term plan. As the expertise in both the white and black hat hacking industries has grown, adversaries are extensively funding hackers to launch state-sponsored attacks against private companies, oil pipelines, and government databases, among other critical infrastructure.
"Are we condemned to remain in this unstable and insecure condition, in which the best we can do is to repeat urgent but futile warnings from high places and, at the operational level, merely to refine our tactics in a losing game of Whac-A-Mole," the group asked.
The report, "Making America Safer: Toward a More Secure Network Environment for Critical Sectors," makes a series of recommendations for the Trump administration to develop a long-term cybersecurity plan that coordinates efforts across departments and removes parts of key infrastructure like the electric grid from the internet.
Led by former NSA official Joel Brenner, the MIT team has recommended the White House to tackle the risks associated with cyberattacks targeting sectors of oil, gas, and electricity, along with communications and financial institutions.
The nation will require a coordinated, multi-year effort to address deep strategic weaknesses in the architecture of critical systems, in how those systems are operated, and in the devices that connect to them. But we must begin now. Our goal is action, both immediate and long-term.
The 50-page report [PDF] puts forward the following eight challenges and recommendations to the Trump administration:
- Improve coordination.
- Measure cyber risk and infrastructure fragility.
- Review laws and regulations with the goals of reducing risk and optimizing security investment.
- Enable critical infrastructure operators to quickly identify and respond to
cyber risk arising from cross-sector linkages as well as from their own networks.
- Reduce component complexity and the vulnerabilities inherent in them.
- Address fundamental issues of system architecture.
- Formulate an effective deterrence strategy for the nation.
- Accelerate and improve the training of cybersecurity professionals.
The group believes that President Trump will be receptive to the report, "given the shared desire to fix America’s vulnerable infrastructure."
“Our recommendations complement their attention to federal systems,” Brenner wrote. "Our current cyber insecurity is a national disgrace, and we must defend the networks that the safety of our nation depends on."