Stopping SolarWinds-style mega hacks, but preserving democracy – analysis

One of the central security questions of our time is how to defend countries like the US and Israel from repeat mega hacks by the likes of Russia, Iran, China and North Korea.

The SolarWinds and Shirbit hacks announced in December 2020, along with a variety of other major cyberattacks, have convinced the US and Israeli governments that leaps forward are needed to keep up with the new frenetic pace of digital warfare.
Yet until a column in Politico by former NSA chief lawyer Glenn Gerstell on Monday, no one had publicly presented a detailed recipe for the path forward, however much experts had hopped up and down about how bad the hacks were in hindsight.
Are Gerstell’s solutions realistic even for the US, and can anything from his proposals be applied to Israel’s context?
First, it is important to flag two major issues Gerstell defined in a more concrete way than others have.
One is that when foreign agents take over domestic computers and use them to perpetrate a larger attack on the very country where they are located, American and Israeli cyberdefense agencies face much greater challenges than when attacked head-on by foreign computers.
The Jerusalem Post was able to see this first-hand during an insider classified tour of the Israel National Cyber Directorate (INCD) office in 2020, observing a threat view screen with cyberattacks emanating from a range of Israeli allies (obviously the computers were hacked by adversaries).
The good news is that the Post understands that in many cases, cyber officials can see an attack developing before it completely blows up, because adversaries must somewhat reveal their hand as they start to cut through sophisticated cyberdefenses.
But this can also be harder to notice if it is happening in multiple gradual low-key stages domestically.
A second is that this challenge is not just technical. Rather, it is a built-in disadvantage for democracies which must balance national defense with respecting individual civil liberties and property rights, whether physical or digital property.
Put simply, the NSA is more limited by law from counter-hacking a US computer already hacked by a foreign adversary than it is going against foreign computers.
Israeli officials who discussed the issue off the record with the Post explained that many Western-style democracies are experimenting with striking a new balance between security and civil liberties in the cyber sphere.
One country is giving some of its cybersecurity agencies new surveillance powers to quickly probe and monitor its own domestic computers in situations which might constitute a “severe danger to the country’s way of life.”
An analogy might be the cyber version of the Shin Bet’s (Israel Security Agency) ticking bomb authorization to carry out enhanced interrogation of suspects in order to stop an imminent terror attack.
Granted, hacking a citizen’s computer is not the same as enhanced physical interrogation.
But the danger that such activity, if abused, could pose to a society’s democratic character is in many ways as great or greater.
Gerstell’s proposals actually fall somewhat short of such powers, but that is because the post-Watergate US, as a cultural-historical matter, has a much larger objection to the NSA or CIA spying on its own citizens than other democracies.
Israel does have some robust defenses for its citizens from state encroachment on the private sector’s digital space.
There are basic laws protecting privacy and property rights.
Also, there is a recent Israeli High Court of Justice decision which declared Shin Bet surveillance of Israeli citizens infected with the coronavirus to have been unconstitutional.
But at the same time, Israel has a culture of deferring to the Shin Bet when there is a clash between security and privacy far more than some other democracies.
The flip side to the above High Court ruling was that Israel was the only democratic country in the world which dared to use its own spy agency to track its infected citizens during the corona era.
Facing far more immediate and constant security threats than most democracies, the Israeli public is far more ready to tolerate the Shin Bet or IDF imposing on its freedoms – especially during a crisis – than other democracies might be.
There are some practical differences between what the US and Israel can do and how they operate.
For example, the NSA is likely the most powerful cyber agency on the planet with potential hacking access anywhere in the world.
However, the NSA’s responsibility in tracking threats is also worldwide.
Israel’s Shin Bet and INCD have much more focused and limited portfolios, generally to regional threats.
Further, the US is huge geographically, meaning there may be many situations where the only cyberdefense answer for the government may be to remotely hack its citizens’ compromised computers.
In contrast, Israel’s small geographic territory has, to date, allowed the INCD to hop in a car and arrive physically to assist a hacked company in real time, while also giving them face-to-face reassurance that the intervention will be narrowly tailored to protection purposes.
One surprise from recent discussions and events held in the US and Israel is that groups like SolarWinds and Shirbit have not been shunned for being hacked. Rather, they have been almost praised for their full cooperation with authorities subsequent to the hack.
A more ideal situation would be to prevent the hacks before they happen and before they spread.
But until the hoped-for leaps forward in cyberdefense happen, government officials seem mainly interested in developing a culture of cooperation.
Gerstell’s ideas go beyond cooperation and information sharing to allow lightning-fast interventions, provided lightning-fast permissions are granted by high ranking law enforcement officials or special courts.
Whether the US or Israel can successfully implement new approaches to stop mega hacks, while creatively preserving checks and balances to protect civil liberties, is still an open question.
