Is this ever going to end? The daily barrage of hacking news assaulting us in headlines is making us numb, if not scared to death. However, there is a little-known secret that gets lost in all of this cyber-disaster noise. The U.S government does, in fact, have a three- to four-year offensive technological lead over foreign adversaries – although that small secret will do little to comfort citizens when their credit cards, infrastructure, banks, political parties, and media firms are being constantly hacked.
“If America, or U.S. Cyber Command, wanted to wage cyber war,” Frank Kaplan, Pulitzer Prize-winning author of Dark Territory: The Secret History of Cyber War, writes, “it would do so from inside a glass house.”
Yes, Americans live in a cyber glass house. As one of the world’s most advanced technological countries, the U.S. has dumped hundreds of billions of dollars over the years into advancing its cyber capabilities to be ahead of its adversaries. On the other hand, its society is also the most vulnerable because Americans’ lives depend upon the very technology the commercial innovation engine has created.
Herein lies the problem. The hundreds of billions of dollars poured into intelligence agencies and research laboratories has given the U.S. the technological edge in conventional and cyber warfare. However, the commercial sector is bearing the brunt of the cyber-carnage due to the nature of fast innovation and the fact that private industry does not directly benefit from the immense cyber warfare capabilities the U.S. possesses – a glass house indeed.
The idea of bringing some of this “over-the-horizon” technology out from under the heavy cloak of U.S. intelligence agencies and military commands, and into the hands of the commercial sector to better defend itself is not a new one. This is has been debated, discussed, and written about before. Plenty of venture firms have travelled to and from California trying to make this happen but, for a variety of reasons, the Washington region continues to be 98 percent geared towards defense contracting, and not towards building commercial cyber products – until now.
Companies walking the line between venture firms and technology incubators are taking on the role of bringing technology out of the intelligence agencies and research labs and commercializing it for the purpose of defending the U.S. commercial machine. For example, one such firm, Enveil, has successfully developed homomorphic encryption.
Considered by some as the pinnacle of cloud security, homomorphic encryption has been a 20-year goal of research labs, universities, large technology firms, and governments around the world. The concept of is simple: you can take your most sensitive data, whether it is the formula to Coca Cola or the nation’s most closely guarded secrets, encrypt the data and throw it into the cloud. With homomorphic encryption, you could even put this encrypted data in the Chinese military cloud and still be the only one able to query and run analytics against it – while never actually decrypting the data, ever.
This is because homomorphic encryption is essentially malleable encryption that allows the results of query requests and analytics to remain encrypted throughout the process.
Sounds futuristic by all accounts, but it is, in fact, here and working now at speed and scale. This technology was developed inside the NSA and the team decided to come out and build a commercial company to bring this technology to Western world at large. The benefit here is that not only does this make the data of commercial companies much more secure, but it has given U.S. intelligence agencies a second boost. The ability of a fast-moving startup to evolve and build quickly allows firms to build products that are several versions ahead of what is built inside the burgeoning bureaucracy of the NSA. Now, the NSA, too, benefits from the quick advances in the technology by the private sector.
The good news about this unique transfer of capabilities is that the intelligence community is also seeing benefit. Once these teams come out into the fast-moving pace of startup life, they are able to quickly evolve and build versions of the technology very quickly. This new and improved technology then goes back into the government as well as to the broader commercial world very quickly.
This is just the beginning. It’s not the only answer to fixing the imbalance between intelligence community technology and the private sector, but it is a strong start. More over-the-horizon technologies are now coming out and being turned into commercial cyber, big data, and analytics startups to quickly get the technology into the hands of private industry to shore up their defenses.
Technologies that can dramatically improve cellular, radio, and satellite bandwidth in order to increase speed by a hundred times with existing infrastructure will soon be reality. This, in turn, increases, for example, the distance drones can fly from their ground link stations, cut the required size of military antennae in half, and give both the commercial and defense worlds immense advantages over foreign adversaries. Imagine a battlefield where U.S drones have twice the range, potentially easing diplomatic and political arrangements due to lessened requirements for forward operating bases. Not only will there be higher internet speeds on airline flights, but the horribly slow cell service on the hour-plus commute stuck in traffic could be a thing of the past.
Shoring up the cyber defenses of the commercial engine while at the same time bringing startup-speed improvements to existing defense technologies is not a silver bullet for all cybersecurity problems, but it is a fast-moving experiment that has already shown incredible results in bringing commercial technology up to speed with that of U.S. intelligence agencies.