The Pentagon put in place Plan X to deal with cyber attacks. Apparently Plan X creates the mechanism for the Pentagon to counter attack against a cyber intruder. Unfortunately, the rules of engagement for Plan X are classified. As a result, Plan X is perfectly useless.
DHS reports there is a Trojan Horse malware lurking in America’s critical infrastructure computers that could cause an economic catastrophe. It comes from Russia. But are we doing anything about it? You bet! DHS issued a Memo on November 6, 2014! The threat has been there since 2011!
The United States needs an explicit, public plan to deal with cyber attacks on the critical infrastructure of the United States. The critical infrastructure includes banking and finance, government, defense plants, energy, communications and health and safety systems. All of them have been attacked by outside powers, the most reckless attacks from China and Russia. But Plan X does not seem to have been activated. This should tell us that Plan X is not the answer to the problem that threatens our national security.
To the degree we have any policy, it seems it is to sit on our hands and watch as our defense secrets are stolen, our technology compromised and our commercial, transportation, energy and banking systems threatened. Do we want to watch attacks on nuclear power plants when the result could be another Three Mile Island or Chernobyl?
The policy we have is purposefully defeatist and highly dangerous. The idea that Secretary of State Kerry would go off to talk to the Chinese and ask them to be nice about cyber attacks is absurd on its face and demeaning to the United States. The time to talk to the Chinese is after we slap down a cyber intrusion that came from Beijing.
The policy I advocate is a byte for a byte. It is biblical. If you mess with our power plants, we can mess with yours. If you strike at our banking system, we will hobble your banking system.
This message should go out to the Chinese, Russians, Iranians and anyone else who thinks they can attack us without penalty.
If we had a policy we would put it openly on the table: We will not tolerate attacks on our critical infrastructure. If you are so brazen as to do it anyway, we will respond in kind and more.
The word in Washington is that no one wants to confront China because, after all, they are sort of paying our bills these days. If that is the sum of our foreign policy we are dead ducks. When we talk about national security, we cannot turn the other cheek.
Clearly the United States is in a great position to win any cyber confrontation. We have the talent pool and much better capability than any of our potential adversaries. This won’t always be the case: even the Pentagon is taking notice that our edge is slip slip sliding away.
The new Congress should demand a tough policy of retaliation for cyber attacks. Happily the new Congress is closer in tune with the outlook of the American people. Appeasement is not an answer to cyber attacks anymore than it is an answer to military invasions.