Federal government officials sounded a strong message earlier this week at the RSA security conference in San Francisco.
Rob Joyce, NSA’s head techie, said that he views Russia as a hurricane – it comes in fast and hard (and does major damage). China is more like climate change, he said – long, slow and pervasive.
Chris Krebs, head of DHS’s new Cybersecurity and Infrastructure Security Agency (CISA), said that Russia wants to disrupt things but China wants to manipulate the system to its ultimate long term advantage. Combating Chinese digital espionage will be one of their major focus areas during the next 18 months.
Federal officials were united in their assessment – Short term damage from Russia; long term financial impact from China stealing all of our stuff.
When FBI Director Wray was asked if the government was overemphasizing China’s digital threat, he said that if anything we have historically underestimated it.
Crowdstrike president Shawn Henry, a former FBI executive assistant director, said that while the theft of data will have significant economic impact, the Russian attacks can have a significant threat to life.
Finally, Chris Krebs pointed out that companies need to do the simple stuff to make the Chinese work harder. The majority of the times they’re getting it, its just basic, basic stuff.
So, whether you are worried about short term destruction or long term financial harm, the message is that we need to do a better job of cybersecurity.
Add to that all of the run of the mill hackers and it is not a pretty picture.
Source: The Cybersecurity 202.