With news reports of Russians accused of hacking a U.S. political party and the Ukrainian power grid, the U.S. and Israel hacking Iranian nuclear centrifuges, Iranians allegedly launching DDoS attacks against the U.S. and China accused of hacking Canada’s National Research Council one might think the world is on the verge – or in the middle of — of nation-state cyber wars.
Not yet, says Leo Taddeo, a former FBI special agent and cyber security expert who is now chief security officer at Cryptzone, a U.S., maker of a network access gateway.
But things are getting tense, he admits, and the election of Donald Trump won’t necessarily cool things down.
Trump has only reluctantly agreed with American intelligence reports that Russia was behind the hacks of the Democratic Party national office, arguing attribution of any attack is difficult.
But, Taddeo added in an interview Monday, “I think in the president’s learning curve as he receives more and more information and more and more clarity on Russian cyber activity he will realize it’s a real and persistent threat. And his posture has been where threatened to retaliate. And he has clearly stated … where he needs to he will strike back. And if that promise is kept and there is a [cyber]f exchange with Russia I don’t think anyone knows where that exchange will end.”
He doubts major powers – the U.S., China and Russia – are on are on the verge of a major cyber war in part because he believes that would really be a component of what he calls a shooting war.
“But what I think we are in is a cyber conflict, a simmering cyber conflict (with) multiple players. It’s muddied by criminal actors who have near-nation state capability. Attribution is very difficult, time consuming and resource intensive, which complicates things.
“No one’s preparing to shut down hospital systems and electric grids and other critical infrastructure from a nation state-to- nation state point of view. But certainly we are in conflict – we are probing, we are certainly collecting information, both side do it … The conflict will escalate.”
Does he have confidence Trump can tamp it down?
It’s hard to say, he replies, because the new president has just taken office. But he noted retired General James Mattis, the new Secretary of Defence, “is a scholarly warrior, and I think he will take a very deliberate and well-planned strategy for cyber.” Congress has confidence will not start a real or cyber war, judging by congress votes. Michael Pompeo, the new CIA director who has sat on the House of Representatives’ intelligence committee, “is a very experienced intelligence official who understands both the risks and the threats from cyber.”
That leads Taddeo to conclude that there’s not going to be an immediate or abrupt escalation based on the new administration policies. “I think it will simmer and potentially escalate based on some back and forth [between countries], but I don’t see any indication that it’s about to happen because of a major change in the staffing of the agencies that execute these strategies for the United States.”
On the three countries Trump has his eyes on – Russia, China and Iran – China could be the most problematic, Taddeo suggests. While President Barack Obama negotiated an agreement in 2015 with that country not to engage in cyber espionage against their private sectors, that deal “is really based on goodwill … It’s technically unenforceable, because neither side admits to espionage.”
“China’s primary objective for conducting cyber espionage was to gain a business advantage or parity in as short a period of time. That economic imperative will be even more acute in the Trump administration if trade relationships with China deteriorate.”
The U.S. relationship with Iran, which has been accused of launching distributed denial of service (DDoS) attacks against American financial institutions, eased when Obama negotiated a nuclear deal. That may change if Trump, as promised, tries to force Iran back to the bargaining table.
“And Russia’s the wild card,” Taddeo added.
Turning to Canada, where some industries worry about Trump’s tough talk about imports, Taddeo says this country’s software industry shouldn’t worry. “I don’t think the trade restrictions Trump has been talking about will apply to the cyber security sector. The trade of software sector is not the sector he’s referring to when he says things like ‘We have to protect jobs and factories in the United States.’ So I don’t think we’re going to see protectionism when it comes to the software sector … As a matter of fact I think the trade advantage is for the United States in that sector anyway. So I don’t think it’s going to have a business impact for companies trying to sell software into the United States. But I’m not an expert in trade.”
Before joining Cryptzone in 2015 Taddeo headed the special operations/cyber division of the FBI’s New York office. He oversaw a number of agency high profile cases, including the investigations into the Silk Road network and groups selling the Blackshades malware.