Melissa Hathaway: US Needs to Begin Cyber 'Conversation'; Hard to Point Fingers at Culprits

Photo: Jennifer Jordan-Harrell

Before deciding how to react to a cyber attack, the United States needs to implement standards to determine what is acceptable and unacceptable behavior in cyberspace, according to a former White House cyber official.

In an interview with The Takeaway, a national morning news program hosted by BBC World Service, The New York Times and WGBH Boston, Melissa Hathaway, president of Hathaway Global Strategies and former acting senior director for cyberspace at the National Security Council, discussed the ramifications of a digitally implemented attack.

Increasingly over the last decade, energy and power grids have been moved from isolated networks to more Internet-based networks for the purpose of efficiency and reducing costs. An attack or disruption of those networks produces a ripple effect,  creating vulnerabilities throughout U.S. society.

“If you lose power, it affects all sorts of essential services,” Hathaway said. Those services, among others, she said, include water and the ability to communicate.

When asked about how the Pentagon and Washington cyber planners view cyberwarfare, Hathaway spoke of the connection between cyberspace and the economy.

“Cyberspace affords anonymity, and is generally borderless,” she said. “As the different governments around the world are debating how best approach it, the thing that they know for certain is that states play key roles in securing cyberspace because securing the cyberspace is really securing the economy.”

Recent discussions following cyber attacks on government and industry alike have questioned the best approach to take in the event of a large-scale cyber attack, and whether the U.S. should respond with conventional warfare. But before even contemplating response strategies, Hathaway said there first needs to be a broader framework in place to begin talks  on what is acceptable and unacceptable behavior in cyberspace, as well as define the terms so everyone speaks the same language.

“Once have that, you can have economic, diplomatic, military and the whole gamut of different types of response strategies,” Hathaway said. “But first, you need really the methodology by which to begin the conversation of what’s acceptable and what’s unacceptable.”

When asked who the perpetrators in cyber are, Hathaway declined to identify one specific nation or group.

“It’s hard to point fingers — over 100 nations have cyber capabilities and the attacks, whether they are from a hacker or whether it’s espionage, or whether it’s a broader based state-sponsored weaponization, there are many involved in this, which is why many need to participate in the conversation to address this and ensure it won’t escalate,” she said.

You may also be interested in...

GSA Eyes ‘On-Ramp’ Solicitation for OASIS Small Business IDIQ’s Six Subpools

The General Services Administration has announced plans to issue a solicitation as an on-ramp for the six subpools of the One Acquisition Solution for Integrated Services Small Business contract vehicle. GSA’s Federal Acquisition Service said in a presolicitation notice published Friday that it expects to award 30 contracts for subpool 1, 20 contracts for subpool 3 and eight each for subpools 2, 4, 5B and 6 of the OASIS SB indefinite-delivery/indefinite-quantity contract.

SSL to Design Methane Emission Detection Satellite; Richard White Quoted

Maxar TechnologiesSSL subsidiary has received a contract from Environmental Defense Fund to design and define requirements for a small satellite designed to detect and monitor methane emissions from oil and gas facilities worldwide. MethaneSAT is a small form-factor satellite that will work to provide high-resolution images to help detect and measure low- and high-emission sources in regions that constitute more than 80 percent of global production of oil and gas per week, Maxar said Thursday

Booz Allen’s Sarah St. Clair on Lessons Learned From HR Tech Upgrade Project

Sarah St. Clair, vice president responsible for human resource services at Booz Allen Hamilton, told Diginomica in an interview published Tuesday about the company’s experiences and efforts to address challenges associated with upgrading its HR technology system. St. Clair discussed Booz Allen’s move to execute the Workday project to manage recruitment operations and mentioned some of the actions the company made to mitigate negative impacts associated with project implementation.