In the lead-up to the midterm elections, cybersecurity dominated conversations on safeguarding elections with a steady stream of support for bolstered protections against hacking. But cybersecurity matters for more than elections and recent breaches of CIA and military technology show that although a cyberattack isn’t a bullet to the head, it could easily lead to one.
The CIA learned this the hard way. In 2011, things started to go wrong. Really wrong. Intelligence assets in China ended up dead, and the U.S. didn’t know what do about it. But the problem had begun much earlier when Iran hacked into U.S. intelligence networks, reportedly using Google, and undermined the communications system.
The root of the problem was outdated technology initially developed for use in the Middle East when the agency wasn’t facing off against powerful state actors. The network was never updated and could not withstand the stronger and rapidly developing state-sponsored hacking abilities of Iran or China.
According to reporting from Yahoo, Iran compromised the communications network first and China soon after, undermining intelligence operations in both countries critical to U.S. interests and jeopardizing the safety of those working with American intelligence.
By the time the CIA finally figured out what was going on in 2013, it set off a rush to contain the catastrophic breach. By then, CIA operatives had been uncovered in Iran and informants executed. In China, between 2011 and 2012, about 30 agents working for the U.S. were executed.
Cybersecurity mattered, and it failed. Although the CIA compromise happened a few years ago, cybersecurity of key elements of national defense is still a problem for the U.S.
During the ongoing NATO war games, for example, the Russian military successfully interfered with GPS signals. A spokesperson for NATO told CNN, “Norway has determined that Russia was responsible for jamming GPS signals in the Kola Peninsula during Exercise Trident Juncture.”
Jamming GPS, of course, doesn’t just affect the military but also civilians.
The threat of such attacks was acknowledged by a Pentagon spokesperson, who explained, “The U.S. is keenly aware cyberattacks and electronic warfare are being used on and off the battlefield with alarmingly greater frequency and severity. We have experienced this in many areas where we operate, and we have observed the potentially devastating impact such measure could pose to civilian aviation.”
Although the interference was detected and doesn’t seem to have interrupted key operations, the successful jamming of GPS systems is a cause for concern. If the U.S. fails to bolster its ability to counter these threats, then for all of our superior firepower, adversaries can easily undermine our conventional advantages. That is a mistake that the U.S. cannot afford to make.
The message for the United States from these incidents is clear: The U.S. needs to take cybersecurity as seriously as physical safety. In the end, a breach could have the same result as a gunshot, through things like compromised troop equipment or the unraveling of covert networks.
