Microsoft’s email hack, the second largest cyber attack in months, has led Biden’s administration to the U.S. Puts pressure on the ability to fight back to defend interests.
• read more: Microsoft vulnerability: 30,000 US companies affected by Chinese hackers
• read more: Microsoft accuses Chinese hackers of exploiting a flaw in its exchange messaging system
Experts facing attacks that exploit vulnerabilities in corporate and government networks that threaten national security believe that strong measures such as the “hack pack” are needed, which includes cyber responses, instead of hacking.
The most recent Microsoft Exchange hack, cited by a group of Chinese hackers with the support of Beijing, affected at least 30,000 US organizations in the United States, including businesses, cities and local communities.
The attack was considered “unusual aggression.”
In addition, it follows revelations that Russia may be behind the biggest December hack of the Texas-based Solar Winds, which shook the US government and corporate security.
“These two great events are an important test for the beginnings of the Biden administration,” said Frank Gilbo, a former homeland security adviser to the George W. Bush administration, director of the Macquarie Institute at Auburn University.
According to him, the response of the democratic administration is very important because it will “set the tone” in the way it wants to respond to “unacceptable cyber behavior”.
This will be a message not only to hackers but to the whole world. Because “everyone is watching, state and non-state actors” is the reactionary capacity of the US government.
James Lewis, a cyber security expert at the Center for Strategic and International Studies, believes that these two incidents are evidence that US strategy “does not work against the most efficient and most dangerous adversaries.”
“The benefits of intelligence are endless,” he continues. “The Biden team knows this, we’ve trying to change things, but we’ve not found a solution.”
Until very recently, the concept of a “hacking bag” was considered internationally and politically very dangerous.
But Lewis says the 2019 agreement between the 28 countries created a legal framework for such retaliation.
“Theft by private companies is still illegal” but one government could argue that the solution is legal for a state in the event of a large-scale attack, he adds.
David Edelman, a former digital security adviser to the Obama administration and a member of the Massachusetts Institute of Technology, notes that the Biden administration faces tough choices.
“The administration has indicated it wants to impose costs (in retaliation, the author’s note) but what kind of costs would be proportional to the attack?” He asks.
“Fees? Sanctions for agents securely established in a foreign country thousands of kilometers away?”
The answer is “surgery”
Last month, Anne Newberger, a senior White House security adviser to the White House, said her team was considering retaliating in the wake of the Solar Winds attack.
“This is not the only case of malicious cyber activity of Russian descent, nor of us or our allies or associates,” he added.
According to Frank Silfo, any response must be carefully crafted without collateral damage, such as military action against specific targets.
He argues that this could mean economic, diplomatic or military action.
“This cannot be considered an internet incident,” he stressed, arguing that the response should be integrated into the US government’s “geopolitical and national security machinery”.
Therefore, different types of responses can be embraced, whether by Russia, China, North Korea or other individuals, depending on the identity of those suspected of having carried out cybercafe.
“Attacking a computer network is one of the tools at our disposal,” he admits.
“But we want to do it surgically, in a discriminatory way, obviously, we have an impact on the targets” and they are the only ones, he concludes.