The views, thoughts, and opinions expressed in the text belong solely to the author, and not necessarily to the Asian American News Network or its affiliates.
In the 21st century, technology has become increasingly prevalent. Armed with passwords, facial identification, and built-in antivirus software, we tend to disregard warnings about potential malware and dismiss the idea of someone infiltrating our accounts. However, like a house, any electronic device is vulnerable to attack— windows could be smashed, doors could be forced or picked, and a thief could sneak in through the doggie door. Once an intruder is inside, our valuables, classified secrets, and personal information would be exposed. The difference between a physical home and our digital haven is that the latter has exponentially more points of exploitation. Furthermore, it’s not always obvious when our digital homes are penetrated— small and large scale hacks can go unnoticed for months in the absence of proper diligence.
It was December 13th, 2020, when Reuters reported that a cyberattack was conducted upon cybersecurity firm Solarwinds, a company renowned for its superb online security software. Solarwinds is currently used by multi-billion dollar companies such as Microsoft, AT&T, and Ford. In simple terms, this breach installed malicious files disguised as updates on many computers containing Solarwinds’ Orion software. These malicious files allowed hackers to view and steal information on the host computer. In a world with a growing dependence on technology, small scale corporate hacks are commonplace, however, this security breach stands out for its larger target.
Serving as the most powerful institution in the nation, one may reasonably expect the US government to have a nearly impenetrable cyberdefense. Yet, in a time of rapidly evolving cyber tactics, the US government is not immune to penetration. Details concerning the extent of the breach are still unfolding, but Reuters has already confirmed that the US Department of Homeland security, Department of Treasury, and Department of Commerce have been compromised. Moreover, the US government’s use of Solarwinds is not limited to just those three branches: the US Department of Defense, Marine Corps, Army, Navy, Air Force, and the Department of Justice all rely on Solarwinds software. This means that any of the aforementioned federal branches could have been targeted by the hack.
The most frightening detail of this breach is its supposed origin: federal officials and private investigators both suspect that this hack was orchestrated by Russian agents. Given the increasing hostilities between the US and Russia, this cyberattack poses a major threat to US national security and international interests. With access to secrets and strategies, Russia could conduct military attacks with a major advantage over the US and its allies; these could range from attacks on US territory to attacks on other nations using US technology. The latter could interfere with US foreign policy and assist Russia in attaining disproportionate global influence.
It is imperative that the federal government prioritize the improvement of its cyber defense capabilities. Whether it comes in the form of legislating minimum cybersecurity standards, incentivizing the creation of more cybersecurity firms, or investing in the cybersecurity sector, the US must take immediate action to improve its own cybersecurity. It will not only deter future Russian hackers but also thwart potential cyber offensives from the emerging superpower China, which has had a history of cyberattacks against the US. For instance, in 2007, China stole documents from Aviation Company Lockheed Martin detailing the US fighter jet F-35. Many experts suspect that the PLA used these stolen documents to design their own J-20 fighter jet. With rising economic and military tensions with China, the United States must bolster its cybersecurity to defend against prospective aggression.
If no action is taken to confront the growing threat of cyberattacks, future digital offensives will be inevitable. Along with network monitoring programs and military aircraft, critical infrastructure such as power grids would remain defenseless against infiltration. An attack on power grids could disrupt anywhere from a small neighborhood to half of America. Ultimately, as digital privacy and physical safety become increasingly interrelated, strengthening our cybersecurity is necessary to protect the lives of all Americans.
Very nice Dylan