Can national laboratories like Los Alamos and Sandia help the United States win the New Cold War in cyberspace the way they helped it win World War II?
The answer to this question is critical, because President Vladimir Putin, who has already interfered in the past two U.S. presidential elections and in thousands of business companies, is bound to intensify his cyberattacks against America, as he holds it responsible for his on-going losses in Ukraine.
The U.S. has 17 national laboratories whose mission is to enhance the physical, economic and social security of the country. They have an annual budget of $13 billion and employ over 70,000, many of whom are cutting-edge scientists. They are government-owned, contractor-operated. Many have a small, uncoordinated cybersecurity role, subservient to their nuclear missions. Cyberthreats to the U.S. are dangerous because all weapons of mass destruction and all commercial products and services that utilize software are potential targets. This includes nuclear weapons and the financial, transportation, energy and health care sectors. Ordinary people can also be attacked through their digital devices.
To put it plainly, a cyberenemy, like Russia or China, can disable our nuclear bombs, freeze our finances, stop our cars on our way to work, halt our planes in midair, disconnect our lights and air conditioners, and strike us as individuals.
In the past, the relationship between lab operators and the government was collaborative. Since then, it has become customer-focused. But while such a model might be effective for consumer companies like Burger King, it is dangerous in making a national cybersecurity policy, because government agencies like the Department of Energy and Cybersecurity and Infrastructure Security lack the scientific knowledge to identify, compare and choose among different options to secure the U.S. cyberborders. Unlike lab scientists, they are political appointees with short-term horizons.
What is needed is a comprehensive federal cybersecurity policy, where the government, labs, academia and industry play a cybersecurity policy role. This may require a champion to get the job done – a job that could lead to the creation of a new laboratory, or at least a robust thrust focusing on cybersecurity. The United States has a national lab dedicated to renewable energy; there should be no reason why cybersecurity would be treated as less important.
The Los Alamos and Sandia labs were created in 1943 and 1945, respectively, to build an atomic bomb to end the war. They may be well-suited to lead the critical effort of developing tools to protect the nation’s cyberspace. The choice is ours to make to secure our cyber future: develop and implement a comprehensive cybersecurity policy to ensure our future and leadership in the world, or be relegated to a declining status in cybersecurity and possibly in the world.
Avraham Shama’ new book, “Cyberwars: David Knight Goes to Moscow,” was recently published by 3rd CoastBooks.