(Washington) The Microsoft email hack, the second major cyber attack in months, puts the Biden administration under pressure on its ability to fight to protect US interests.
In the face of attacks that exploit vulnerabilities in corporate and government networks that threaten national security, experts believe that strong measures are needed, such as “hacking,” which is an email response consisting of hacking in return.
The latest Microsoft Exchange hack, attributed to a group of Beijing-backed Chinese hackers, affected at least 30,000 US organizations, including companies, cities and communities in the United States.
This attack was considered “unusually aggressive.”
Additionally, it comes after the revelation that Russia was likely behind the massive hack in December of a Texas-based program, SolarWinds, that shook US government and corporate security.
“These two very large incidents are an important test of the beginnings of the Biden administration,” said Frank Celovo, a former homeland security adviser in the George W. Bush administration and now director of the McCurry Institute at Auburn University.
According to him, the democratic administration’s response is particularly important because it “sets the tone” for the way it intends to respond “to unacceptable cyber behavior.”
It will also be a message to the whole world, not just hackers. Because “everyone, governmental and non-governmental,” he said, “is watching the US government’s ability to respond.”
James Lewis, a cybersecurity specialist at the Center for Strategic and International Studies, believes the two incidents are evidence that US strategy “is not working against the most qualified and dangerous adversaries.”
“The benefits of espionage are endless,” he continues. “The Biden team knows that and is trying to change things, but we are far from finding a solution.”
“The return of piracy”?
Until very recently, the idea of ”piracy” was considered politically very dangerous, by international standards.
Lewis says a 2019 agreement between 28 countries established a legal framework for such retaliation.
He adds that “piracy by private companies is still illegal,” but the government could argue that a remedy for the state is legal in the event of a large-scale attack.
David Edelman, a former digital security advisor to the Obama administration and a fellow at the Massachusetts Institute of Technology, notes that the Biden administration faces tough choices.
The administration has indicated that it wants to impose costs (retaliation, Editor’s note), but what kind of costs would be proportional to the attack? Asked.
“A shipment? Penalties” of agents safely installed in a foreign country thousands of kilometers away?
‘Surgical’ response
Last month, Ann Neuberger, the White House chief cybersecurity adviser, said her team was contemplating revenge after the attack on SolarWinds.
“This is not the only case of malicious cyber activity that may be of Russian origin, either for us or for our allies and partners,” she added.
For Frank Silovo, any response must be carefully worded, without collateral damage, like military action against specific targets.
He argues that this could mean economic, diplomatic, or military measures.
He insisted that “this cannot be dealt with as a mere cyber incident,” calling for the response to be incorporated into the “national and geopolitical security mechanism” of the US government.
So the different types of responses can be adapted depending on the identity of the cyber attack suspect, be it Russia, China, North Korea, or other individuals.
“It’s clear that attacking the computer network is one of our tools,” he admits.
He concludes, “But we want to do it surgically and in a differential manner, to have a clear impact on those we target,” and they are alone.