Military leaders warn U.S. must prepare for cyber, infrastructure threat
Speakers at military conference push for rapid action in face of domestic vulnerabilities
Speakers at military conference push for rapid action in face of domestic vulnerabilities
Speakers at military conference push for rapid action in face of domestic vulnerabilities
The United States must immediately get ready for domestic, cyber-enabled attacks on critical domestic infrastructure and guard against foreign-initiated information operations targeted at the American people, according to speakers and panelists at an Association of the U.S. Army symposium on Wednesday in Arlington, Virginia.
“When we’re talking about threats to critical infrastructure, it will be in the homeland and we must prepare for that,” Lt. Gen. Maria Barrett, Commanding General of U.S. Army Cyber Command, told the attendees at a 2023 "Hot Topics" series.
Mark Bristow, director of the Cyber Infrastructure Protection Innovation Center (CIPIC) at the non-profit Mitre Corporation, a research group in McLean, Virginia, said modern adversaries increasingly no longer distinguish between military and civilian populations when launching cyberattacks, seeking the largest disruption possible.
“It’s part of their plan to influence civilian populations and to change our political calculus,” Bristow said. Such indiscriminate attacks, he said, are “meant to degrade Americans’ trust and degrade their willingness to fight.”
Ransomware attacks on hospitals and Colonial Pipeline were cited as recent examples of cyberattacks on critical infrastructure that cause serious impacts, affecting patient care, transportation, and commerce.
In a keynote address, Patrick Murphy, former Under Secretary of the Army, cautioned that with 85% of infrastructure in the United States privately held, the government and the military cannot act alone to defend this infrastructure and urged an expansion of public-private partnerships to harden those assets.
War in Ukraine foreshadows civilian threat
Citing Russian tactics in its unprovoked war in Ukraine as another example of the ominous cyber threat to civilians, Samantha Lewis, manager of Strategic Geopolitics-Global Issues at Recorded Future — a cyber security firm in Somerville, Massachusetts — noted that Russia has shifted its priority to targeting things like hospitals, power grids, and access to water with both traditional munitions and cyber sabotage.
“You might wake up in the morning and decide it’s not worth going to fight when you don’t know where you’re going to get water,” Lewis said.
Such tactics that expand a traditional battlefield to all parts of society can potentially undermine a population’s decision to defend itself, several speakers noted.
Col. Sean Stinchon, director of foreign intelligence at the Department of the Army, based at the Pentagon, pointed to American intelligence assessments overestimating Afghan security forces’ will to fight and underestimating the staying power of Ukrainian forces as two examples of faulty assumptions on the battlefield.
“We got the invasion part right, but we didn’t get the will to fight,” Stinchon said. “The intelligence community is fundamentally reassessing how we evaluate ‘will to fight,’” he said.
Information warfare
Another lesson from the war in Ukraine is the now-ubiquitous nature of information warfare as a key tactic on the battlefield.
“When it comes to the information domain domestically,” asked Lt. Gen. Barrett at Army Cyber Command, “how do we make soldiers and families resilient to that, so our adversaries cannot compromise their will to fight?”
Carla O is a ‘Hiring Our Heroes’ military fellow with the Hearst Television National Investigative Unit in Washington D.C. She served in the U.S. Marine Corps from 2018-2023. Mark Albert and Tamika Cody contributed to this report.
If you know of cyber security concerns you want us to investigate, please send confidential information and documents to the National Investigative Unit at investigate@hearst.com.
WATCH THE HEARST TELEVISION NATIONAL INVESTIGATIVE UNIT’S ONGOING CYBER SECURITY COVERAGE: