|
A Blur Differentiating Between State Actors, Criminals In Cyber
by C. Todd Lopez, DOD News
May 19, 2021
Who's hacking U.S. networks? It's not an easy question to
answer, defense leaders told lawmakers, as determining if a
malicious cyber attacker is a foreign government, a cyber criminal
or a cyber criminal supported by a foreign government is never
clear.
|
Marines with U.S. Marine Corps Forces Cyberspace Command
confer about situations in the cyber operations center in Lasswell Hall at Fort Meade, Maryland on February 5, 2020. (U.S.
Marine Corps photo by Staff Sgt. Jacob Osborne)
|
"The line between nation-state and criminal actors is
increasingly blurry as nation-states turn to criminal proxies as a
tool of state power, then turn a blind eye to the cyber crime
perpetrated by the same malicious actors," said Mieke Eoyang, the
deputy assistant secretary of defense for cyber policy, during a
hearing today before the House Armed Services Committee.
Russian security services, Eoyang said, are known to leverage the
activities of cyber criminals and to then shield them from
prosecution for crimes committed for personal benefit.
"We
have also seen some states allow their government hackers to
moonlight as cyber criminals," she said. "This is not how
responsible states behave in cyberspace, nor can responsible states
condone shielding of this criminal behavior."
For the U.S.,
Eoyang said, knowing who is responsible for malicious cyber behavior
is important because it determines who can respond to it. When
non-state actors are engaging in financially motivated crimes, for
instance, it is the Federal Bureau of Investigation and the
Department of Justice who are responsible for pursuing those
criminals, she said.
"The
challenge I think that we have is that when those attacks first come
across the network and impact us, when we see that malicious
activity, it's always a challenge of attribution to be able to pull
it apart and figure out who are the state actors and who are the
non-state actors, [and] which elements of government would then be
tasked with the lead to disrupt that activity varies based on
location and whether or not they are criminal or not," she said.
While the FBI and DOJ handle criminal activities inside the
U.S., it is the role of Cyber Command to focus on cyber threats
against the homeland from adversary nation-states. It's an effort
the Cybercom commander and National Security Agency director, Army
Gen. Paul M. Nakasone, said he's proud of.
One area where the
role of Cybercom has been important is in the 2020 election.
Nakasone said the security of the 2020 election was ensured through
the Election Security Group, which is a combined effort of Cybercom
and NSA.
|
Marines with U.S. Marine Corps Forces Cyberspace Command
at work on their computers in the cyber operations center in Lasswell Hall at Fort Meade, Maryland on February 5, 2020. (U.S.
Marine Corps photo by Staff Sgt. Jacob Osborne)
|
"We
built on lessons from earlier operations and honed partnerships with
the Federal Bureau of Investigation, and the Department of Homeland
Security's Cybersecurity and Infrastructure Security Agency, sharing
information with those who needed it as fast as possible," Nakasone
said.
"To protect the 2020 elections," Nakasone said, "Cybercom
conducted more than two dozen operations to get ahead of foreign
threats before they were able to interfere with or influence
elections.
"I'm proud of the work the command and the
election security group performed as part of a broader government
effort to deliver a safe, secure, 2020 election," Nakasone said.
Our Valiant Troops |
Veterans |
Citizens Like Us |
U.S. Department
of Defense
|
|
