Wanted: A US Strategy for ‘Offense’ in Cybersecurity

BOTTOM LINE UP FRONT — The U.S. is facing an onslaught from adversaries in cyberspace, and while conversations about the response has focused on bolstering cybersecurity defenses, some have argued for an approach more geared to offense. That’s the view of many experts and of some officials in the new Trump administration, including National Security Advisor Mike Waltz, who has said the U.S. should “start going on offense and start imposing… higher costs and consequences” for cyberattacks directed at U.S. targets. 
The U.S. has already taken retaliatory action against bad cyber actors; in one of his final acts as president, Joe Biden issued an executive order on cybersecurity that grants expanded authorities for sanctions against those who launch cyberattacks against U.S. critical infrastructure. Soon after, the Treasury Department sanctioned an alleged hacker and companies in China linked to the recent Salt Typhoon hack of U.S. telecommunications firms. Washington has imposed similar sanctions and financial restrictions on entities linked to other recent China-linked attacks, and the Department of Defense’s most recent Cyber Strategy instructed the department to prepare responses to “destructive cyber attacks.” But many experts believe the U.S. still lacks a clear offensive cyber strategy.

The Cipher Brief asked experts what such a strategy might look like. They offered a range of ideas – from offensive “playbooks” to cyber counterstrikes to an increased role for the private sector – all in the name, as one expert put it, of making “the leap from passivity to proactivity.”