The Trump administration has released a National Security policy outlining basic cybersecurity priorities, and on Monday officially acknowledged that North Korea was behind the WannaCry ransomware attacks earlier this year.
In a 68-page National Security Policy [PDF] issued by the White House, cybersecurity commands just one and a half pages and 695 words. It lays out a series of priority actions, starting with assessing critical infrastructure risk and then prioritizing protective efforts, capabilities and defenses accordingly. This will be done across six key areas: national security, energy and power, banking and finance, health and safety, communications and transportation.
Deterring and disrupting malicious cyber-actors is another key arena. “The United States will impose swift and costly consequences on foreign governments, criminals and other actors who undertake significant malicious cyber-activities. We will work with allies and friends to expand our awareness of malicious activities. A stronger and more resilient critical infrastructure will strengthen deterrence by creating doubt in our adversaries that they can achieve their objectives.”
IT modernization is part of the plan as well, to “improve our ability to provide uninterrupted and secure communications and services under all conditions,” and the plan calls for deploying layered defenses and working with the private sector to remediate known bad activities at the network level.”
The policy also incorporates what appears to be a shout out to the internet of things (IoT): “The government and private sector must design systems that incorporate prevention, protection and resiliency from the start, not as an afterthought,” it said.
Finally, on the information-sharing front, the plan calls for the government to work with critical infrastructure partners to reduce the barriers to threat intelligence, such as speed and classification levels; and to expand collaboration with the private sector in order to better detect and attribute attacks.
Though the section is brief, the White House illustrated how high the stakes are:
“Cyberattacks offer adversaries low-cost and deniable opportunities to seriously damage or disrupt critical infrastructure, cripple American businesses, weaken our Federal networks, and attack the tools and devices that Americans use every day to communicate and conduct business,” the document acknowledged. “Critical infrastructure keeps our food fresh, our houses warm, our trade flowing, and our citizens productive and safe. The vulnerability of US critical infrastructure to cyber, physical and electromagnetic attacks means that adversaries could disrupt military command and control, banking and financial operations, the electrical grid and means of communication. Federal networks also face threats. These networks allow government agencies to carry out vital functions and provide services to the American people. The government must do a better job of protecting data to safeguard information and the privacy of the American people.”
Meanwhile, confirming the consensus opinion that a state-sponsored hacking group (likely the Lazarus Group) was behind the WannaCry attacks, Tom Bossert, Trump’s homeland security adviser, come out to make a statement that “North Korea is directly responsible. We do not make this allegation lightly. It is based on evidence. We are not alone with our findings, either.”
After that public statement, in an op-ed published in the Wall Street Journal on Monday, on Tuesday he called the wave of attacks “reckless” and “meant to cause havoc and destruction.” He also mentioned retaliation, but didn’t outline what that would consist of.
“I think, at this point, North Korea has demonstrated that they want to hold the entire world at risk, whether it be through its nuclear program or cyberattacks,” he said, in a news conference at the White House.