U.S. Pledges To Help Japan Battle Cybercriminals
With high-profile breaches rising, including this week’s hack of Japan’s pension system, the United States has pledged to help the Asian nation battle cyberattacks against power grids, military bases and other high-value targets. But news comes with mixed reactions from America’s security community.
"We note a growing level of sophistication among malicious cyber actors, including non-state and state-sponsored actors," according to a joint statement from the U.S.-Japan Cyber Defense Policy Working Group.
In another statement, Japan’s defense ministry said it has also vowed to contribute to joint efforts “addressing various cyberthreats, including those against Japanese critical infrastructure and services utilized by the Japan Self-Defense Forces and U.S. Forces."
A Long Overdue Idea
We turned to Philip Lieberman, President of cyberdefense firm Lieberman Software, to get his reaction on the cyberdefense agreement. He told us he thinks it’s a great idea that’s long overdue.
“The need for this cooperation became clear and very public in the Sony debacle that affected both Japanese and American operations,” he said. “The nature of Asia Pacific relations between Japan and its neighbors -- and their disagreements -- have moved into conflicts that now play out in cyberspace on a worldwide basis.”
Lieberman said coordinating cyberthreats between Japan and its allies could minimize the consequences and speed up mitigations. The agreement could also trigger better awareness of cyberdefense in Japan among its government agencies, consumers and companies.
We Have Our Own Problems
But Richard Blech, CEO of digital security solutions firm Secure Channels, has a completely different view. Given the United States has yet to cure its own epidemic of breaches, he told us this alignment with Japan seems like an awfully grandiose idea.
“We have clearly underperformed. The technology now exists, we need to implement and build our own foundation of security,” Blech said. “Advertising collaboration to another country who also needs cyber security is like waiving a big flag yelling ‘hack me.’”
Blech is convinced that it’s time for security leaders in the private sector and the government to work together using the latest cyberdefense technologies to stop the proliferation of breaches. At the very least, using technologies like encryption at the deepest level to mitigate the damage leaving only useless data for the hacker, he said.
“Clearly, keeping Japan safe and our relationship intact is important, we simply need a proven plan,” he said. “Then we can actually share proven solutions to help Japan.”
Improving Counter-Offensive Tactics
Igor Baikalov, chief scientist at security analytics firm Securonix, told us the Pentagon's new cyber strategy specifically calls out the threat of retaliation as a principal factor of deterrence.
“Considering potential for a significant collateral damage, effective response in the cyberspace is severely limited by the quality of attribution, or identifying the source of the attack,” he said. “Closer cooperation on cybersecurity and information sharing, while beneficial to cyberdefense, is actually aimed at improving counter-offensive capabilities: triangulation between cooperating partners makes masking the source of the attack more difficult and increases the accuracy of attribution.”
Image credit: U.S. Cyber Command.