The last successful attack on US soil by foreign individuals took place last December. A cyberattack that targeted software provider SolarWinds affected Microsoft, the US government, and cybersecurity firms like FireEye. Although cyberattacks don’t lead to loss of life, they are costly and are increasing in frequency.
Malicious attackers either discover new vulnerabilities or exploit previously known ones. SolarWinds-related attacks such as Supernova and Sunburst were examples of the former. In 2017, the WannaCry ransomware attack targeting Microsoft used a known vulnerability to infect over 200,000 computers and cause damage worth billions of dollars.
Most people would think the US is protected against known vulnerabilities. However, a 2019 research study revealed an average gap of 133 days between the discovery of a vulnerability and the release of information regarding it to the public. This period is typically used to create a patch that mends the vulnerability. However, half the attacks that use known vulnerabilities occur during this period before the vulnerability gets fixed. Consider these as holes in the perimeter fences around the US embassies worldwide. If it took 133 days to repair them, there would be a hue and cry because terrorists could use this opportunity to carry out successful attacks. However, this is the state of cybersecurity in the US today.
Upon discovering a vulnerability, the National Institute of Standards and Technology, responsible for maintaining the National Vulnerability Database, takes time to communicate with the vendor whose product contains the vulnerability and look into other processes like estimating the severity of the vulnerability. Generally, vendors have little incentive to patch a vulnerability or cooperate because the affected product may be unprofitable, old, or close to being phased out.
However, this isn’t sufficient. The US needs a National Cyber Vulnerability Early-Warning Center—just as a meteorologist is always on the lookout for storms, an early warning center would keep an eye out for vulnerabilities in widely used hardware and software components. This would discover new weaknesses before enemies do, strengthening defenses. North Korea, Russia, Iran, and China can access cheaper expertise. The best way for the US to protect its intellectual property and data is to invest heavily in cybersecurity.