Center for Strategic Assessment and forecasts

Autonomous non-profit organization

Home / Defence and security / / Articles
The new cybersecurity strategy of the United States: a brief analysis of the new edition
Material posted: Publication date: 16-10-2018

At the end of September 2018 U.S. President George trump signed the document which in Russian language can be translated as "national cybersecurity strategy".

This is not the first edition of the cybersecurity strategy (the previous version of the document was published in 2003 and 2011, each new edition was a rethinking of received previous years experience and allowed to move on).

The new version of the document draws attention to several points which we believe it is appropriate to comment.

Based on the volume and diversity of document, consider in this review only the provisions of the first Chapter.

So, in this Chapter it is noted that "...the administration authorizes the Department of homeland security (Department of Homeland Security, DHS) for security Federal Ministerial and departmental networks, excluding national security, Department of defense (Department of Defense, DOD) and intelligence community (Intelligence Community). To the necessary measures, including include ensuring the Department of homeland security with appropriate access to departmental information systems for cybersecurity, which also may carry on business and issue orders for the protection of systems from a range of risks...".

Such a wording means that the U.S. DHS is granted the rights as a regulatory body that defines the requirements for information security, and the Supervisory authority. It should be noted the possibility of access by the Ministry to all networks, except networks of the Ministry of defense and intelligence community networks. De facto, this approach would mean a technical possibility of obtaining almost any information is available from controlled networks, bypassing the judicial process. Moreover, the end of the Chapter States: "...the Administration will work with Congress to update the legislative acts on electronic surveillance and computer crime with the aim of empowering law enforcement agencies to legally collect the necessary evidence of criminal activity...". This wording means that the technical ability to control the networks from the U.S. DHS will be supported by de jure.

Next. With high probability we can assume that at the moment the network under this Strategy equipped with diverse means of information protection from various manufacturers. This is a justifiable assumption, since the market of systems and means of information protection developed a few decades ago and to date it has identified as leaders, and outsiders. However, the market of systems and means of information protection is still new, the rules and regulations it still require clarification.

As a first step towards regulation of this market in the document under consideration, unification of the equipment used required a more careful selection of suppliers. As a consequence, possible removal from the list of suppliers of Russian companies or companies with partial Russian financial participation.

Another noteworthy aspect is the enshrinement of the right to demand financial responsibility from the perpetrators of cyber attacks and their organizers. Given the regular in recent years, the fact of detention of Russian citizens by US authorities on charges of hacking, this provision will be used as a tool of pressure on the accused. In this regard, the Strategy noted that the US administration will step up efforts to extradite accused of hacking.

According to the document government agencies use available information to increase the level of security at the network equipment by transmitting the producers of information about vulnerabilities and threats. It is possible that after this step, companies such as Arbor will produce two versions of the equipment for use inside the United States and the rest of the world. As a consequence, we can assume that network in the Russian Federation, using the U.S. network equipment, already can not resist certain classes of computer attacks.

Noteworthy is the selection of two sectors, requiring, in the opinion of developers of the document, special attention to the requirements for cyber security: transportation (with special attention to the Maritime freight transport, which, in turn, is allocated to transport gas and oil) and space industry. It can be assumed that the data industry the developers of the document consider as the most critical from the point of view of cybersecurity that is at this stage and with the current edition of cyber strategies.

Ends the first Chapter attitudes on international cooperation in cybercrime investigations. As a result, you can expect to enhance the U.S. Department of State, including the intensification of attempts to neutralize the Russian position in this field.

In General, the document is an evolutionary development of the previous revision. A number of new provisions, no doubt, will entail significant changes in the field of international information security and will entail in the coming months, changes that will affect the industry as a whole.

Alexei Levykin

RELATED MATERIALS: Defence and security