OPINION

Cyber Week in Las Vegas Paints a Grim Picture of Global Cybersecurity

The opinions expressed by columnists are their own and do not necessarily represent the views of Townhall.com.

Last week saw Las Vegas host a trio of major cybersecurity gatherings that brought together many global leaders to discuss the issues affecting information security.

Black Hat USA, DEF CON, and BSidesLV, the events that are collectively referred to as “Hacker Summer Camp,” welcomed luminaries that include former Cybersecurity and Infrastructure Security Agency (CISA) Director, Chris Krebs, National Cyber Director Chris Inglis, and the deputy chairman of Ukraine’s State Service of Special Communications and Information Protection, Victor Zhora. 

Top among the major issues discussed this year were growing concerns regarding increasing cyber-attacks originating from China and Russia.

Ukraine’s Zhora, who has witnessed his country’s victimization by over 1,600 Russian-based "major cyber incidents" so far this year, told Black Hat USA that "This (Russian Hacking Attacks) is perhaps the biggest challenge since World War Two for the world, and it continues to be completely new in cyberspace." 

The attacks that Zhora is referring to include Russian-based DDoS attacks that have targeted many of Ukraine's government agencies, as well as a slew of new malware strains that were discovered leading up to, and in the aftermath of the Russian invasion of Ukraine. This includes a pronounced spike in data-wiping malware strains, that can be potentially devastating to both governmental organizations and private entities.

Ukraine, which has recently entered into a new expanded cyber cooperation with the United States in July, was not initially thought to have the ability to stand much of a chance against Russian cyberattacks. According to statements made at DEF CON 2022 by current National Cyber Director Chris Inglis, “We didn’t give enough credit to the Ukrainians for being able to defend cyberspace.” Inglis also stated, “I and a whole bunch of others would have said that the Ukrainians would have a really tough time defending themselves in cyberspace against the Russians, because the Russians have lots of capabilities.”

According to the late July Memorandum of Cooperation (MOC) between the US and Ukraine, the countries agree to share intel and best practices on cyber events and participate in cyber training and joint exercises. “I am incredibly pleased to sign this MOC to deepen our cybersecurity collaboration with our Ukrainian partners,” said CISA Director Jen Easterly in the press release announcing the partnership. “I applaud Ukraine’s heroic efforts to defend its nation against unprecedented Russian cyber aggression and have been incredibly moved by the resiliency and bravery of the Ukrainian people throughout this unprovoked war. Cyber threats cross borders and oceans, and so we look forward to building on our existing relationship with the State Service of Special Communications & Information Protection of Ukraine (SSSCIP) to share information and collectively build global resilience against cyber threats.”

The rise in cyberattacks in the aftermath of the Russian-Ukraine conflict has also affected nations that support Ukraine, as Russian-based hacktivist organizations are now targeting entities operating within countries that have provided material support to Ukraine’s government during the conflict.

Although the Russian cyber threat took centerstage during the recent events, former CISA Director Chris Krebs told Black Hat 2022 that US government officials have told him that they are “confident" that the rise in tensions between Taiwan and China is "going to come to a head" and entities should “manage risk yesterday.”  

The US midterm elections were also discussed in the lead up to cyber week in Vegas. Election security, which is a controversial subject among Trump supporters and most of the political establishment and intelligence community, was also discussed earlier in August by CISA’s Easterly, as she had expressed her concerns regarding the effects of disinformation, misinformation and even the possibility of threats to election officials. 

Prior to the commencement of cyber week, Easterly stated that CISA intends to continue to use its Rumor Control website. The website allows the agency to attempt to counter false election narratives. “I need to make sure that my resources and my focus are where we can make the most difference at the end of the day,” Easterly said.

Most of these critical cyber issues would be more easily addressed with an increase in the global cyber workforce. The critical lack of staffing globally has been a dominant theme most of this year. Chris Krebs had also mentioned at Black Hat how he finds it “confounding” that the cyber workforce continues to face these major workforce shortages. According to Krebs, a cyber career was “fun, lucrative, durable, fascinating,” and with national security at stake, “meaningful.” 

The plethora of threats facing both the public sector and private businesses will only continue to multiply over the next few years. With increasingly profitable cybercrime operations earning hackers billions of dollars via growing scams that involve ransomware and other schemes, the future looks bright for the next generation of cyber-warriors that will find opportunities for work plentiful. But with the current severe cyber workforce shortages and no way of forecasting the future, the question remains, will Generation Z answer the call?  

Julio Rivera is a business and political strategist, the Editorial Director for Reactionary Times, and a political commentator and columnist. His writing, which is focused on cybersecurity and politics, has been published by numerous websites and he is regularly seen on National and International news programming.