According to a Government Accountability Office (GAO) report, federal cybersecurity has “regressed” since 2019. Based on the string of recent, overt cyberattacks on America, you probably could have guessed this yourself.
We’ve never had a greater need for federal leadership in the tech realm, and, unfortunately, our government has yet to step up. Let’s take a deeper look.
The Nation’s Cybersecurity Is Lacking in Key Areas
U.S. cybersecurity is one of five areas that government watchdog GAO deems ‘high risk.’ It joins the decennial census, USPS financial viability, strategic human capital management, and transforming EPA’s process for assessing and controlling toxic chemicals as areas in need.
According to the report, the nation’s cybersecurity specifically declined in ‘leadership commitment.’ The government is currently missing ‘important characteristics’ from previous strategies and plans for cybersecurity during Donald Trump’s tenure in 2018 and 2019.
It’s also missing an ‘officially appointed central leader’ to carry out the White House’s national cybersecurity approach. The National Defense Authorization Act of 2021 established such a position in January, but it has not yet been filled.
This news is disappointing considering the big game that President Joe Biden has talked about cybersecurity since he took office.
Considering the scale of the recent cyberattacks on the United States, the Biden administration might want to think about expediting its search for a leader.
Massive Hacks Are Becoming More Common
If there were ever a time that the United States needed stronger leadership in the cybersecurity department, that time is now. In fact, that time was probably a year ago.
2020 was a landmark year for hackers. Some of the biggest security breaches in history were recorded in the pandemic. Here are some of the most troubling:
FireEye Breach
This breach was disturbing because FireEye is a well-established cybersecurity firm known as a frontline defender for government agencies. And it was hacked. Not only that, but “highly sophisticated threat actor” (believed to be Russian intelligence) made off with FireEye’s “red team assessment tools.” The hackers could then use these tools against other victims.
SolarWinds Hack
In a related and even more worrying attack, IT company SolarWinds was breached. This Austin-based company provides software and IT solutions for Fortune 500 companies and U.S. agencies. And this attack put all of those agencies at risk. Potential victims include the Office of the President of the United States, the Secret Service, the Department of Defense, NASA, Microsoft, and Visa. Experts have called this the largest hack of all-time.
Check this video detailing the hack:
Attack on the NSA
Yes, the government agency we’re all worried about spying on us was spied on by someone else. While this hack technically happened in 2016, we’ve recently learned that the Chinese hackers who infiltrated the NSA did more damage than we thought. Hacker group Shadow Brokers made off with several high-level tools from the NSA, which could then be used against more victims.
These are just three of many cybersecurity revelations in the past year. North Korean hackers were recently charged after an 11-year, billion-dollar plot. Another hacker tried to poison the water supply in a small Florida town. And one hacker even infiltrated Jones Day, the national law firm that has represented Donald Trump, Fox News, General Motors, and more.
All of these attacks point to a growing need for increased cybersecurity measures. Let’s hope our government responds accordingly.
Featured image by BeeBright from Shutterstock.