Election meddling. Corporate espionage. Ransomware attacks. Massive data breaches. The cybersecurity threats facing the United States seem to multiply by the year, leaving government agencies and private companies scrambling to keep up.
That is among the reasons why many experts are alarmed that the White House eliminated the position of cybersecurity czar on the National Security Council, or NSC, on Tuesday. John Bolton, President Donald Trump's new national security adviser, has been widely reported to have sought to cut the job.
"This is definitely not the signal you want to send to your allies and your adversaries," said J. Michael Daniel, who served as cybersecurity coordinator under President Barack Obama and now leads the Cyber Threat Alliance, a nonprofit group formed by cybersecurity companies.
The departments of Defense and Homeland Security will surely continue to stay on top of cyber threats, but the U.S. government has apparently lost the person who can aggregate them for the president and his staff, according to Megan Reiss, a senior national security fellow with the R Street Institute, a nonpartisan public policy research organization.
That means the West Wing might fail to see the big picture around what the director of national intelligence considers the No. 1 global threat, Reiss said. Russia, China and North Korea — not to mention terrorist groups and rogue criminals — could exploit the apparent disorganization and target the U.S.
"If we entered into a conflict with a [foreign power] and they wanted to cause damage to us, they could go after our critical infrastructure, like our power grids," said Justin Cappos, a professor of computer science at New York University. "They could go after our cars. They could cripple air traffic control. They could do very substantial damage to military targets. They could substantially damage our country as a whole."
The major threats known to U.S. government agencies and security experts include:
- Russian election interference: U.S. authorities say Moscow meddled in the 2016 presidential election. Kremlin-linked hackers were able to take documents from the Democratic National Committee and penetrate voter registration systems. Russian trolls created troves of fake news and spread misinformation on social media. And without an aggressive federal plan to shield election systems, Russian could strike again in the run-up to the fall midterm elections.
- Chinese espionage: China's cyberoffensives against the United States have eased up since the two countries signed commitments in September 2015, according to Cappos. And yet Beijing continues to target U.S. companies. "They're interested in stealing information on our companies, information on private citizens, things that could give them an edge or be used for blackmail," said Reiss of the R Street Institute.
- North Korean intrusions: Pyongyang has already waged cyberattacks against U.S. businesses, the most famous being the movie studio Sony Pictures Entertainment before its release of "The Interview" in 2012. And North Korea "remains capable of launching disruptive or destructive cyberattacks to support its political objectives," according to a report from Dan Coats, the director of national intelligence. Last year, North Korea unleashed the WannaCry ransomware attack, crippling parts of Britain's National Health Service.
- Terrorists and criminals: ISIS is widely known to use the internet to recruit followers, spread propaganda and raise money. The terrorist group will "continue to seek opportunities to target and release sensitive information about U.S. citizens," according to the DNI report. Globetrotting criminals will no doubt continue to use sophisticated tools to carry out theft and extortion. And "ransomware" attacks, like the one that hit Atlanta this year, are seemingly on the rise.
Daniel, the former cybersecurity coordinator under Obama, said that there is "nothing sacred or holy" about the role and that it is Bolton's prerogative to restructure the NSC. A memo circulated by an aide to Bolton said the position was no longer necessary because lower-level officials had already made cybersecurity concerns a "core function" of Trump's national security team, according to The New York Times.
"But the way that this has been framed runs the risk of sending the signal that, at least at the White House level, they're not considering this issue to be as important," Daniel said.