The country’s financial future is hanging by its digital thumbs.
Look no further that the recent cyberattacks on multiple federal agencies,
These recent attacks were the result of an elaborate and well-planned global cyber espionage campaign believed to be orchestrated by the Russian government and
Now,
Cyberattacks cannot be treated as harmless games of “tag you’re it.” But figuring out just how to respond proportionally against countries like Russia, China, North Korea and Iran is a challenge that has been debated for decades.
Two years ago, I
The Treasury is one of several central government hubs that make the country’s economic grid work. Even a stutter in its ability to issue notes or irrigate the economy would be remarkably damaging. And yet, no single U.S. agency, combination of agencies, or partnerships between the governmental and private sector are responsible for the comprehensive identification, protection, detection, response and recovery of the country’s economy and its component parts.
Why?
Presidents and congress have studied cybersecurity issues for the last 25 years, only raising passing references to concerns about the country’s economic infrastructure. Legislators, regulators, academics and policymakers have been distracted by less important issues or hopelessly mired in yesterday’s stale policy debates about Glass-Steagall and too-big-to-fail, forcing them into a world that is quickly passing by.
But the number of Cassandras are increasing. Indeed, the largest banks are spending hundreds of millions of dollars on their individual defense systems. A new Carnegie Endowment study,
A 2019
Such inaction is likely due to confusion over who or what is supposed to act. The U.S. Government Accountability Office
Global leaders from some of
Unfortunately, the best America has to offer at the moment are strategies that rely on a company-by-company, agency-by-agency detection and defense systems. Think of the consequences if that were the way the United States constructed its strategic military defense. A large bank like JPMorgan Chase would have to acquire its own supply of ballistic missiles to defend and protect its square block in Manhattan.
This is a problem that neither the government nor the private sector can solve by themselves. All too often, the private sector is legitimately reticent about allowing the government to peer under the shades. It also demands the sharing of information that may impact the relative competitive advantages of those private companies.
Private organizations such as the
In the end, there must be a clear delineation of responsibility between government agencies and private companies.
The winds of financial cyberwars are forming, but there is no U.S. cyber coast guard, no effective cyberwar early warning system, no advance strike team, and no corps of cyber financial engineers to protect or rebuild the economy.
Not enough serious resources are being dedicated to this issue by the government. It must take the lead to implement a comprehensive cyberwarfare economic strategy that contains an achievable set of goals and recovery plans that ensure that backup systems can sustain the damage, be immediately rebooted and become operational.
There have been more than enough studies urging the construction of enforceable mechanisms that deter and protect against cyberwarfare through layered defenses and systemic resilience. It’s time for action.
The willingness and capacity of the Biden administration to undertake the challenge to safeguard the economic infrastructure of the United States may also define its capacity to defend democracy itself.
Parts of this article are drawn from Thomas P. Vartanian’s upcoming book,