Until a few years ago, cyber-security threats were primarily the concern of unsuspecting Internet users. Bad actors would embed malicious links in emails, or entice you to download infected software, and then siphon off your personal data from your hard-drives.
Then, cyber-criminals moved higher-up the chain – and brought cyber-security concerns into the domain of corporate America. Targeted theft of trade secrets, ransom-ware attacks, and DoS incidents have become commonplace. But today, national security has come in the cross-hairs of many cyber criminals – some individuals, many state-sponsored actors. William Saito an expert in cyber-security is concerned that businesses and individuals are also vulnerable to these attacks. If government agencies don’t do anything about it, the very credibility of many democratic institutions and norms might be irrevocably damaged.
It’s Time to Act
Writing for Forbes, global cyber expert Japanese-American William Saito cautioned that, when cyber-attacks happen, the usual tendency is to blame the victims of such attacks. The natural reaction then is for the victim – be they individuals, small mom-and-pop store owners, or large multinational corporations – to hide the fact that they were victimized. William Saito advocates are taking a more proactive approach to dealing with Cyber-crimes.
It’s time to stop the blame game and start to act!
Recently, there have been numerous reports of successful cyber-attacks– and many more attempted cases – against corporate and governmental entities. Some of the more memorable ones include:
• The Equifax hack in July 2017 that left the personal data of 145 million individuals exposed to cyber criminals
• Over 3 billion Yahoo accounts hacked back in 2013 – but the company only disclosed it in 2016
• A shady anarchist group, calling themselves Shadow Brokers, hacked and released a trove of National Security Agency (NSA) hacking tools into the public domain. The infamous WannaCry series of cyber-attacks were the direct result of those leaks
• NotPetya was yet another serious cyber-security offensive that impacted FedEx, WPP – the British ad agency, Russia’s gas giant Rosnef, and Maersk, the Danish shipping magnate
But cyber-criminals don’t just pose a threat to public and private corporations and individuals. Cyber-security has more recently crossed into the realm of national security. An incorrectly configured Amazon Cloud server setting caused 200 million GOP voter records to be hacked, exposing the very heart of American democracy to the whims of cyber criminals.
A cyber-attack in 2015 nearly crippled Ukraine’s national power grid, and caused wide-spread disruption to commercial, industrial and residential power distribution. Earlier, the U.S. Central Command (Centcom) and U.S. Pacific Command (Pacom) confirmed that non-classified information was exposed, as a result of yet another cyber oversight on an Amazon Cloud server. The military claims that, once they were made aware of the unauthorized access, they acted quickly to shut down the intrusion.
Read related: Telecom services and mobile phones will become expensive in India post GST
These are only a few reported instances where cyber criminals were known to have practiced their dark art. There are likely hundreds of, if not more, other incidents that have gone unreported – primarily for fear of “blame the victim” as William Saito has cited. If governments around the world, lead by the U.S, don’t act now – there could be even more trouble ahead.
Warning Signals Ahead
Cybersecurity warning signs are flashing bright. The suspected Russian state-sponsored attack on U.S democratic institutions, in an effort to influence the 2016 Presidential elections, is a wake up call for anyone remotely concerned about what cyber criminals can do.
According to reliable reports from the Department of Homeland Security (DHS), 21 states saw foreign state-backed cyber criminals explore vulnerabilities in U.S. election infrastructure during the 2016 elections. While no evidence was found to suggest that final election results were swayed by these attacks, the fact that such efforts were made is alarming for national security.
The upcoming mid-term elections will likely see even greater effort at cyber-influencing our democratic processes. But the threat to homeland security doesn’t just come from the fact that cyber criminals – either state-sponsored or lone-wolves – can access our cyber infrastructure at will. The real threat is what happens after:
• Can un-representative governments be forced into office as a result of some “bad actors” accessing voter records?
• Could leading political figures, either in-office or in opposition, be blackmailed or manipulated as a result of “dirt” stolen through cyber incidents?
• Are there national defense secrets (top-secret weapons plans, critical incident response protocols) in the hands of non-friendly players, and what might they do with that information?
• Will hacked information lead to loss of U.S. corporate global competitiveness?
The US Department of Justice has some excellent guidelines on reporting and dealing with cyber incidents. But it is highly unlikely that such guidelines, even if implemented fully, will prevent all acts of cyber espionage or thievery.
Reporting on the 3rd annual cyber conference held in Japan – Cyber3 Conference Tokyo 2017, William Saito noted that the participants agreed on a high-level cybersecurity strategy that should incorporate 5 key pillars, including:structures that can address vulnerabilities, progress in R&D, promoting security measures among private companies, bolstering human resources, and international cooperation.
Read more: How IC Systems Protects Consumers
This 5-point cyber-security strategy makes even more sense when we think of the potential exposure that the Internet of Things (IoT) evolution could bring. The following are key takeaways from Cyber3. Businesses should realize that cyber-security is no longer confined to the server room, but is now something that needs the attention of the boardroom. There must be greater private-public cooperation in order to fend off future attacks.
The cooperative efforts of industry and government can ensure that business, which currently faces the brunt of cyber-attacks, pass on invaluable lessons learned to government, William Saito comments. Policymakers can then use those inputs to frame appropriate policies to boost national resilience against state-sponsored and individual cyber incidents.
Cyber-security Strategy
It is under this backdrop that the recent initiative by the DHS is a welcome move. The premier government agency, whose responsibility it is to protect the homeland from any threats – either conventional or cyber – recognizes that the 2018 U.S. mid-term congressional elections could be a prime target for nefarious cyber activity against the United States.
This stark reality rings clear in the words of the Department’s chief Kirstjen Nielsen, who said: “It is clear that our cyber adversaries can now threaten the very fabric of our republic itself.”
The strategy unveiled by DHS takes a pro-active approach to exploring and patching potential vulnerabilities in primarily election-related infrastructure. While such systems and devices are a priority, for now, the strategy envisions much broader deployment in the future. In anticipation that national security will be attempted to be compromised during Elections-2018, more than 50% of U.S. states are already on-board with having DHS protect their critical election infrastructure.
About William Saito
William Saito is a renowned Japanese-American entrepreneur who, over the course of his illustrious career, has started-up, invested in or assisted more than 25 companies – primarily in the technology sector. California native Saito spent a lot of time during the tech-boom of the 1980s interning at Big Tech Japanese names like NEC, Fujitsu, Toshiba and Sony.
Like many a daring entrepreneur, William Saito had his share of failures, before finding his place in the biometric security niche, and was graced, in 1998, with the Entrepreneur of the Year award by consulting firm Ernst and Young. Having found success, in 2004 Saito sold his company to tech giant Microsoft, and then headed back to Japan in the hope of giving back to his ancestral land. He also helped to rekindle the famous Japanese entrepreneurial spirit.
William Saito worked with the Ministry of Economy, Trade and Industry in Japan, as a Special Advisor until Dec 2017, becoming Prime Minister Abe’s un-official Cyber Czar. He also sits on the boards of numerous Japanese and multinational companies. In addition,William Saito has contributed on Cybersecurity and Information Security with organizations such as the World Economic Forum, Coopers & Laybrant, Price Waterhouse and The Chertoff Group.
Find William Saito on:
