A top administration advisor says the White House is planning to unveil a new cyber policy next month, intended to protect U.S. networks that may be vulnerable to cyber attacks, and put tougher measures in place against hostile foreign actors.
As a panelist at the Aspen Security Forum Thursday morning, Thomas Bossert, the assistant to President Trump for Homeland Security and Terrorism, sat to discuss a topic titled: “No Room for Error: Advising the President on Homeland Security and Counterterrorism.”
During the discussion with interviewer David Sanger, of The New York Times, Bossert said China, Russia, Iran, and North Korea have not been penalized enough for conducting cyber attacks on the U.S..
“They are right now not paying enough—they’re not paying anything,” Bossert said, stating that attacks against computer systems are an inexpensive way to earn a “very high reward.”
According to Bossert, the Trump administration plans to protect American infrastructure, including the electrical grid and financial networks. The new policy will be aimed at deterring cyber attacks, establishing a higher cost to be paid by hostile actors for such behavior.
“I’m ready to put some policy changes in place that are going to increase the cost to the bad actor, and unify the like-minded, so that we can throw the people that are not on that page out of the internet, if necessary,” Bossert said.
Bossert said sanctions, such as those imposed on Russia, are not an adequate response. He termed such actions a “20th Century tool” for a 21st Century problem. Instead, he says America needs to increase cyber defenses before tougher measures are established, warning that a “rational strategy” needs to be in place before making “private and critical infrastructure owners more vulnerable.”
Bossert said that to get ahead of attempts by hackers to access or expose sensitive systems, or any cyber attack, the U.S. must clearly define what is acceptable and unacceptable.
“We need to have some norms and agreed upon standards and expectations,” he said, criticizing the Obama administration for failing to have a strategic response to such incidents.
Once the rules on acceptable cyber actions are in place, both nationally with the support of other nations, like Israel, Bossert says evidence of hostile acts will lead to punishing the bad actors.
Bossert opposes involving the United Nations ,or other multilateral institutions, since it can lead to inaction.
“If we have a U.N. Security Council vote on what we’re going to do to punish a bad cyber actor, it will likely be, inevitably be held up with a vote and an objection on whether you have enough proof,” Bossert said. “Whether you’ve shown your evidence and revealed your classified programs and all the things we’ve seen in the past as nonstarters in cyber attribution.”
According to Bossert, the administration wants to have a bilateral approach to punishing policy violators. The U.S. government would work individually with a participating country, assess the evidence, and take action. Bossert said, “There is no playbook for what is [a] proportionate [response] in cyber.”
Possible repercussions may include counter attacks by cyber means, or with diplomatic, economic, military, or intelligence action, although Bossert admits, “There’s no evidence to suggest that offensive cyber is a deterrent.” He says the administration hasn’t fully determined how to punish violations yet.
If you would like to receive Breaking News text alerts on a smartphone or tablet, download the DML APP which is completely FREE and easy to use. Go to the Google Play Store or the IOS App Store and search for DML APP. Be sure to keep the app’s notifications setting on. Another way to receive alerts is to text to 40404 the following message: follow @realdennislynch (be sure to put a space between the word follow and the @ symbol).
To see more stories like this, sign up below for Dennis Michael Lynch’s email newsletter.
Sign up to get breaking news alerts from Dennis Michael Lynch.
Popular sitcom plans to ‘address Trump’ in upcoming season