This post is also available in: עברית (Hebrew)
As 2021 passes, the question arises whether the US federal enterprise and military are better positioned to handle cybersecurity incidents in 2022.
The US military continued its march toward digital and interconnected warfare. The Pentagon’s biggest initiative was its effort to connect sensors and shooters to achieve a networked battlefield in which disparate systems are passing unprecedented amounts of data to help inform commanders. This Joint All-Domain Command and Control (JADC2) initiative will be part of future wars against a near-peer such as China and Russia.
But a series of cyberattacks during 2021 highlighted the perils that the Pentagon faces in networked warfare and the threats to US critical infrastructure.
The ransomware attack on the Colonial Pipeline gasoline pipes company in May caused major disruptions and chaos up and down the East Coast. The attack, carried out by an Eastern European-based cybercriminal group called DarkSide, renewed calls by experts to increase cybersecurity funding for the nation’s critical infrastructure.
The attack demonstrated that when ransomware affects critical infrastructure, it can be perceived as a national security issue. It also raised questions about the government and military’s role in protecting critical infrastructure, and about the role of US Cyber Command’s role in responding to the attacks, according to breakingdefense.com.
Following the SolarWinds hack of US government networks at the end of 2020, the NSA urged the industry to adopt zero-trust cybersecurity measures and increased calls for government and industry collaboration on cybersecurity. As part of the government’s response, President Joe Biden signed a wide-ranging executive order earlier this year to bolster federal cybersecurity.
The Log4j vulnerability in the Apache open source logging software has led to an emergency directive issued by the Cybersecurity and Infrastructure Security Agency calling on US agencies to identify and patch instances of Log4j on their Internet-facing systems until Dec. 23. The directive also tells agencies to report all affected software applications to CISA by Dec. 28.
2021 was a “rebuilding year” for federal cybersecurity after the Trump administration did away with the former White House national cybersecurity coordinator position, according to Chris Cummiskey, a consultant and former Department of Homeland Security under-secretary for management cited by federalnewsnetwork.com. “There’s much better coordination now between the White House key cyber functions, the National Security Agency, the FBI, and CISA.”