In July 2016, the FDIC finally confirmed that 12 of its workstations and 10 of its servers had been regularly hacked by the Chinese government from 2010 to 2013. The aspect of this hack that worried both government officials and members of the private industry was that the FDIC covered up the hacks for six years. Even when submitting official reports on its cyber security issues, these hacks were never mentioned.
There have been many high profile hacks in the private industry throughout the years, but the government hacks often either go unreported or reported with no details. For many people in the public and private sectors, cyber security is a growing matter of national concern that cannot be ignored. Is the government doing enough for cyber security, and what is the relationship between government and private sector research in the area of Internet protection?
The Government And Cyber Security
When it comes to the government and cyber security, not enough is really known because much of what the government does is classified. To industry observers, this indicates that there is a serious disconnect between Internet security in the private sector and in the government arena. The truth is that the government has hinted at some great innovations it has done in the area of cyber security, but the private sector gets no government support when it comes to sharing those innovations. The government contends that it keeps its research classified because of national security. Unfortunately, many people in the private sector think that classifying the government’s cyber security information is a bad idea.
The United States government recognizes its own military and financial assets as important to protecting the country, but it has a hard time realizing how important private sector assets are as well. Military contractors who hold government secrets are left to fend for themselves when it comes to Internet safety. Even the stock markets, which are regulated by the federal government, are not getting much government support when it comes to cyber protection. If those private assets are compromised, it could cause just as much damage as if government assets were hit.
How Important Is It For Private And Public Resources To Come Together?
Several years ago there was a web service called McColo that provided Internet services to some of the worst cyber criminals of the mid-2000s. Despite the damage McColo was doing to the online and offline world, there had never been any attempts to shut the service down. When a reporter decided to ask the Internet Service Providers why they had not shut off McColo’s bandwidth, each one of them responded that they had no idea what McColo was doing and they all shut the service down.
This example is significant because after McColo was shut down, the volume of spam email around the world dropped by nearly 70 percent. McColo was obviously a damaging and pervasive website, but it was allowed to operate under the radar until it was exposed. President Barak Obama once said that the government cannot protect the country from cyber attacks on its own. It needs help and the McColo incident is a great example of how much can get done when groups and agencies work together. The problem is that the government refuses to declassify cyber security information and become part of the dialog to defend the country from cyber attacks.
Where Do We Go From Here?
While the government will not share its cyber security secrets, it is doing plenty to help inspire innovation in the private sector. Government agencies are being created that offer grants and other types of support to companies that want to work on cyber security innovations. Think tanks made up of private industry cyber security experts are on the rise to help solve some of the most daunting security issues that face the country today.
Despite all of the efforts to organize cyber security throughout the country, the idea of Internet protection is still very much caught in the Wild West era. There is no central organization filled with experts, there are no standards in place, and there is no cooperation between the government and private sector to get the job done. For now, it is every one for themselves when it comes to online attacks. We can only hope that it doesn’t take a catastrophic cyber attack to finally get the private and public sector working together on this very important issue.
Laurence Banville. Esq is the managing partner and face of Banville Law. Laurence is licensed to practice law in the state of New York. Originally from Ireland, Banville moved to the United States of America where he worked at law firms, refining his litigation and brief writing crafts. He is also the recipient of the Irish Legal 100 and the Top 40 Under 40 awards.