The US Government’s Offensive Cyber Defense

I read a very compelling article by Jorge Benitez and Jason Healey in The National Interest last week. Pulling no punches, it is titled Cybersecurity Pipe Dreams.

Here are my favorite lines: “There is a popular misconception that perfect cybersecurity is obtainable if you invest in sufficient defenses and practice reasonable access procedures. The cold, hard truth is that we live in an age where cyber-offensive capabilities are dominant.”

I appreciate and respect the authors for pulling no punches and stating the obvious.

My number two favorite line is, “For all the talk about cyber protection and the billions of dollars being spent ($3.2 billion in 2012 for the Pentagon alone) to improve defenses in the public and private sectors, your bank account PIN and the secrets in President Obama’s computer are both vulnerable.”

The United States Government, holder of top secret information and data, has had their pants pulled down so many times with data breaches that violate their own “standards,” which are outdated moments after their ink is dry (yes, still not paperless!), that they ought to just stop wearing pants. It would save time. It would not be pretty, but it would be cheaper.

When there is a fast moving, nimble, never before experienced, technology explosion like the internet, what better than a bloated lumbering elephant to be able to solve the problem? (Yes, when I have a virus I immediately look for a government toll free number for tech support.)

That was a JOKE. It is also a JOKE that the US Government thinks they can solve this issue by regulation and bully tactics. Take one part intellectually arrogant Inside-the-Beltway government agency, throw in a bureaucrat kissing his boss’s ass, add a few lawyers, top off with an asleep at the wheel Congress, and stir. There you have your recipe for disaster and a whole bunch of wasted tax dollars.

While they are trying to kill one fly at a time with swatters to scare all the other flies, the locusts are coming. PLEASE shut up and take care of your own house before they go attacking citizens and businesses in this country. Work WITH THE INDUSTRY AND THE PEOPLE, not against us.

Learn about technology outside of the FBI and NSA. We all know how well these agencies play with each other in the same sandbox. It does not paint a pretty picture. What do the Feds have to show for it? Are there laws passed yet? No. Are there standards yet to adhere to? No. Do the lawyers and agency heads have enough education to lead from a place of knowledge rather than power? No.

There have been more than a few instances where the government needs to ‘heal thyself,’ before they start playing one of their favorite games, which I call “Head on a Spike.” The Heritage Foundation shined a light on the government’s “problems at home” in an article titled FEDERAL CYBER WOES CONTINUE.

I wonder if these government branches will sign a consent decree agreeing to future audits from an outside third party that will cost them a fortune, misrepresent the truth, harm their reputation and solve nothing. Perhaps they will just admit that we are all in this together. Perhaps Nancy Pelosi will buy a summer home in Alabama. Well, probably not.

Unfortunately, hypocrisy is not covered in the Bill of Rights.

Make sure you read my previous post Another Day, Another Cyber Story