U.S. Cyber Command believes cyberdefense efforts have hit an inflection point and warns GEOINT companies they will be targeted.
The wave of sophisticated cyberattacks that roiled American industry and government in 2021 marked a turning point. As each new tale emerged of a brazen hack or zero-day attack—of SolarWinds, JBS, Microsoft, Kaseya, the Colonial Pipeline—the stakes became clearer, and the urgency increased to mount a thorough and coordinated defense.
That’s the belief, at least, of America’s cyberdefender-in-chief: General Paul Nakasone, commander of the United States Cyber Command, director of the National Security Agency and chief of the Central Security Service.
“Today our adversaries are operating with a scope, scale, and sophistication unlike any we’ve seen before,” General Nakasone said during a keynote address at the GEOINT 2022 symposium. “The positive thing is the realization within our government, within our nation, that really, as I termed it, cybersecurity is national security. That we have to change. We have to change and we can’t approach it in the way we’ve done it before.”
One of the changes General Nakasone is banking on is greater collaboration among the organizations and agencies that protect national security systems (NSS).
“As long as NSS owners are taking disjointed and non-uniform approaches to cybersecurity, all national security systems will continue to be under increased risk. A robust layered, and consistent cybersecurity posture built on the latest technologies and practices supported by team of experts, and best defended our most valuable assets,” General Nakasone told the GEOINT 2022 audience.
He identified space-based assets as a focal point, highlighting their strategic value as well as the security risks often associated with those programs.
“Since we lack the ability to physically upgrade after launch, and are reluctant to update operational assets, they may have weak or obsolete security practices with known vulnerabilities,” said General Nakasone. “For these reasons, it’s even more important to invest in an exceptionally robust cybersecurity architecture from the earliest design phase and put it into effect with accurate cyber-hardening.”
General Nakasone also pointed to the networks and ground architecture of companies and agencies involved in geospatial intelligence, challenging leaders to beef up their security practices.
“Our adversaries will look to take away the capabilities that give us military offset, and GEOINT is a key enabler to our projection of global power. We need to ask if we are sufficiently hard to withstand Russian and Chinese efforts to compromise those networks for intelligence or to seek to eliminate our advantage through malicious cyberactivity,” he said.
One step toward greater coordination came in January, when President Biden signed an executive order to improve the cybersecurity of several top government security systems, and granting greater authority to General Nakasone to take action needed to safeguard those systems. General Nakasone is equally excited about other cybersecurity initiatives aimed at increasing cybersecurity collaboration, such as the National Security Agency’s Cybersecurity Collaboration Center, founded in 2020 to encourage intelligence exchanges between the government and businesses within the defense industrial base (DIB). Some of those same partners also participate in Dreamport, a U.S. Cyber Command program partnership with DIB companies that aims to share information with small businesses to help them shore up their cyberdefenses.
“Dreamport continually accelerates the art of the possible, discovers and validates solutions to cyber challenges, and infuses real time cybersecurity skills in the most relevant context possible,” General Nakasone said.
Despite those advances, General Nakasone warned the GEOINT 2022 crowd of a continual wave of sophisticated attacks—especially given the sensitive nature of geospatial intelligence.
“No single entity, organization, or individual has the visibility into all networks at all levels. It takes all of us working together to create the type of comprehensive layer defense needed to successfully confront today’s cybersecurity challenges and get critical, foundational GEOINT insights to our customers securely,” said General Nakasone. “As threats evolve, so must we. We have to be agile, we have to be skilled, and we must remain ahead of the curve.”
Director of National Intelligence Avril Haines discusses the improvement and expansion of GEOINT—and where we go from here