As Cyberattacks Destabilize the World, the State Department Turns a Blind Eye

"It's manifestly ridiculous."
Image may contain Label and Text
HOTLITTLEPOTATO

A cyberattack can't blow up the world, but it can upend geopolitical stability. It can destroy national alliances, and work to undermine the most powerful democracy on Earth. It can even undercut the very idea of truth. Short of nuclear weapons, hacking has become the most destabilizing tool in geopolitics–which makes it all the more absurd that the US has apparently decided to dramatically downplay its importance.

Last month, allegedly United Arab Emirates-backed hackers planted a false, inflammatory story on Qatari news sites that contributed to the disruption of Middle East relations. Last year, a Russian hacking and disinformation campaign targeted the US presidential election. Ukraine has been under constant strain of cyberattack for years now. And yet despite these clear and present dangers, the US State Department plans to shutter its Cyber Security branch, according to multiple reports and confirmed independently to WIRED by a person familiar with the matter.

The move doesn't just potentially weaken America's ability to cope with increasing cyberthreats at home and abroad. It also underscores the State Department's blindness to the current global state of affairs. In 2017, cyberhacking serves not only as a pointed tool for nations and nation-state-backed hackers to take down power grids, but an easily accessible tool available to whoever wants to wreak world havoc by targeting information. Disinformation campaigns like the one that rocked Qatar go one step further, threatening to undermine base reality. The dangers that cyberattacks present require exactly the kind of coordinated, international response that the State Department should invest in, not bury in a bureaucratic backwater.

“It’s manifestly ridiculous,” says Paul Scharre, Director of the Technology and National Security Program at the Center for New American Security. “That would be like the equivalent of during the Industrial Revolution saying ‘this electricity thing is not important to us.’ It seems kind of obviously wrong. I don’t frankly understand what Secretary of State Tillerson is doing over there at State.”

Downgraded

Tillerson plans to place the office under the umbrella of the economic bureau, sending the message that cybersecurity is a business matter, rather than integral to national and international stability. Christopher Painter, well-respected leader of the cybersecurity team, is being forced out at the end of the month, taking with him much-needed expertise.

“[The economic bureau] are the people who talk about the allocation of the international phone numbers. I think it’s perfect job for them,” says James Lewis, senior vice president at the Center for Strategic and International Studies, with a heavy dose of sarcasm.

Experts across the political spectrum describe this as a bad idea. State’s cybersecurity office doesn't directly administer cyberattacks or defenses, but serves a vital diplomatic function. While the CIA and NSA work in secret to keep America safe from cyber and other threats, it's the state department that serves as the public face of US values. It communicates US interests with allies and adversaries, and negotiates policies about defensive and offensive measures, retaliations, and treaties. Among its successes: Leading the 2010 bilateral talks with Russia, which resulted in the best intel the US has on how Russia approaches information security offensive and defensively, says Laura Galante, a senior fellow at the Atlantic Council who participated in those negotiations while at the Department of Defense.

Reached for comment, a state department spokesperson said: “The secretary is leading a review of the department and that includes all the envoy offices.” The point of that review is to find redundancies, the spokesperson said, and make sure issues are being dealt with by the office with the most resources. The spokesperson did not confirm the merger of the two offices.

“These people want to shrink government even it means cutting off your nose," says Lewis. "What a deal."

An Insidious Threat

The 2016 election revealed that cyberthreats to this nation aren't hypothetical, large-scale infrastructure attacks, as had previously been assumed. Instead, they're the exact type of information campaigns that Russia used to disrupt the campaigns.

“There’s a reason why former Director of National Intelligence Clapper put cyberthreats at the top of his worldwide threats briefing to Congress,” says Michael Sulmeyer, Director of the Belfer Center's Cyber Security Project at Harvard. “But it wasn’t that our power plants are going to be turned off overnight. The real worry that you see going forward...is how do we think about the trust and faith that we have and the integrity of information.”

Blindness to the risk of information attacks did not start with the Trump administration. The US has for years focused on what seemed like the scarier side of cyberhacking: infrastructure. Since the 1990s, the US has prioritized preparations for dealing with so-called kinetic hacks that could take down the power grid or explode a city. Those kinds of hacks do pose a risk–as WIRED’s reporting on the power grid attack in Ukraine demonstrates. Meanwhile, it's less-sophisticated information attacks that have destabilized the world.

“We’re put our cyberguards out in front of the critical infrastructure and these guys have just gone around us,” says Lewis. “Our opponents are nimble and we’re not.”

The US has finally started to give appropriate weight to this other cyberthreat. But US adversaries have dealt with it, and formed responses to it, for much longer. The cyberpolicy office Tillerson reportedly plans to demote would lead the discussions to help share exactly the kind of information the US needs to cope.

Experts agree that now is the time to ramp up consideration of cyberthreats, to branch out and put more of an effort into understand how information attacks in particular will be used against the US and to destabilize the world. Given that the state department is the government's geopolitical diplomatic arm, to roll back cyberthreat efforts there is moving in the wrong direction.

“On the information side, the US government hasn’t been thinking about this until 2016, but the Russian government really was thinking about this and has designed their entire information security program around defending the information sphere, as they’ll say,” Galante says.

The US has been playing catch up. But if Tillerson follows through with burying the one diplomatic office focused on these threats beneath the bureaucracy of the economic office, it will send the message that the US is ready to drop out of the game.