The nature of global conflict has changed, extending the battlefield beyond the physical realm and into the cyber domain. As physical barriers continue to fall and global tensions rise, the United States has recognized the need to master cyber combat, but so have its adversaries.
“Russia is a hurricane — you see them coming, you feel them. China is climate change. We are all starting to feel that now when you look at what’s happening in the world,” Kristina Walter, chief of the Cybersecurity Collaboration Center within the National Security Agency, said of today’s cyber threat landscape in her opening keynote address at the Potomac Officers Club’s GovCon International Summit on Thursday.
Today, Walter said, these competitors are leveraging the digital space to disrupt critical infrastructure, steal technologies from U.S. businesses, discover new cyber vulnerabilities in U.S. systems and conduct information warfare.
China, she said, is “unequivocally” the largest and most sophisticated threat in the cyber arena.
“We have seen over the last decade, while we were focused on counter-terrorism, that they have used cybersecurity as a means to an end that goes just below the threshold of war,” she continued.
What NSA has seen with Russia is the use of cyber means to enable kinetic effects, a tactic that has been displayed throughout the conflict with Ukraine, said Walter.
The nation has also been “heavily involved in information operations,” such as attempts to interfere with U.S. elections. Iran, she said, has conducted similar activities, and the physical separation between conflict in the Middle East and U.S. borders has become much less relevant.
“We are all being impacted by the conflict of the Middle East, and we are all being impacted by Russian and Ukraine, even if we don’t have boots on the ground, which means we have to change the way we understand the cyber activity that’s happening, understand what could overflow into the United States or our critical infrastructure and counter against that,” she said.
Cyberattacks against infrastructure and businesses can cause major national security threats. Walter emphasized that it is the U.S. government’s job to help companies secure their digital assets to prevent ransomware attacks or extortion, which are “a threat to all of us.”
Russia, China and Iran are just a few of the many actors the U.S. is “playing whack-a-mole” with across the cyber domain. The way to address this vast array of threats, said Walter, is partnerships.
While NSA has had cybersecurity on its radar for years, what was missing until recently was the ability to take the intelligence it has on attacks against the defense industrial base and share it with industry partners directly. Information on how these attacks were carried out was present, but in the past, the agency was unable to make it available to partners.
“If we can’t see all the pieces, we can’t connect all the dots and we can’t understand this activity,” Walter said.
NSA established the CCC four years ago as an unclassified center of collaboration to help change the culture surrounding information sharing. Since then, the organization has gathered 1200 industry partners and released over 70 public cybersecurity advisories with detailed information on what China, Russia, Iran, North Korea and ransomware actors are doing against U.S. companies, according to Walter.
As the future unfolds, Walter hopes to sharpen NSA’s focus on artificial intelligence, which —- has major implications for cybersecurity — and counter China’s attempts to degrade international internet protocols.
Learn more about the U.S. government’s top national security priorities at the Potomac Officers Club’s 2024 Homeland Security Summit on Nov. 13, where public and private sector leaders will come together to weigh in on the nation’s most important homeland security objectives. Secure your spot at the 2024 Homeland Security Summit to gain access to all the insights these experts have to offer.