Editorial from the Pittsburgh Post-Gazette
The U.S. armed forces are widely considered the most formidable military force on the planet, the ultimate deterrent to foreign invasion and attack. However, there’s an invisible enemy breaching U.S. defenses all too often.
A rash of major, highly publicized cyberattacks has been sweeping the nation, and analysts are predicting increases in frequency and sophistication of such attacks as time goes on. At present, President Joe Biden is working to pass a sweeping infrastructure plan, with Republican leaders countering the president’s offer with a smaller package.
Wherever the spending cutoff falls as the two sides square off, any attempt to improve America’s infrastructure must make cybersecurity a top priority.
In February, an unknown assailant hacked the water supply of a city in Florida and unsuccessfully attempted to poison the water supply. In April, the Metropolitan Transportation Authority was hacked by a group with ties to China. Passenger safety was not at risk, but the hackers may have gained access to private customer information.
In May, a ransomware attack on Colonial Pipeline caused operators to shut down one of the country’s largest pipelines, leading to panic-buying in the Southeast. This month, major meat producer JBS USA suffered a cyberattack.
Biden signed an executive order in May to improve the federal government’s responsiveness to cyberattacks in the private sector, but he must go further.
Most companies and systems, even small businesses, will face cyberthreats at some point. Breaches can cost companies and governments millions of dollars in ransom fees when criminal groups hold data hostage.
Much like paying for insurance, paying for appropriate cybersecurity improvements upfront could save money in the long run. Better to have security and not need it than the other way around.
The federal government must work with the private sector to develop and upgrade security protocols. Given the public sector’s notoriously slow speed compared to the development of new malware and phishing software and ransomware, any regulations or standards the government sets likely will fall out of date rapidly. Cybersecurity protocols must be equally agile.
A federal infrastructure plan should include funding to develop cybersecurity as well as grant funding for small companies that may not otherwise be able to afford a cybersecurity package or consultant.
As the world becomes more technological and networked, the potential for harm only grows. Any plan to improve America’s infrastructure must take this threat into account.