Trump Announces New Cybersecurity Plan: What Obama Already Does
Trump has gone from talking about 'the cyber' to using some of the president's ideas
After months of campaigning with vague promises, references to “the cyber,” and speculation about 400-pound hackers, Donald Trump finally gave a rough cyberwarfare plan. The newly articulate Trump (at least while the teleprompter is rolling) seems to want to do what President Obama is already doing.
Speaking Monday at an event in Virginia, an on-script Trump spoke for several minutes in far more detailed language about two major “cyber” subjects: our military’s cyberwarfare capabilities, and our need for improved government cybersecurity.
“I will make certain that our military is the best in the world in both cyber offense and defense,” Trump said. “As a deterrent against attacks on our critical resources the United States must possess and has to have the unquestioned capability to launch crippling cyber counter attacks. And I mean crippling. Crippling.”
It was a marked change from Trump’s previous word choices to describe cybersecurity. For months, he repeatedly seemed to refer to both cybersecurity, a broad term that refers to keeping computers and networks safe from hackers, and cyberwar between nations, broadly as “the cyber.”
In a rambling answer at the first presidential debate, Trump said that cybersecurity “is a huge problem. I have a son. He’s 10 years old. He has computers. He is so good with these computers, it’s unbelievable. The security aspect of cyber is very, very tough. And maybe it’s hardly doable.”
Later in that debate, when asked about recent hacks of the Democratic National Committee, even though intelligence officials had briefed Trump that Russia was the likely culprit, Trump postulated that “it also could be somebody sitting on their bed that weighs 400 pounds.”
Trump’s newfound ability to speak about cybersecurity could be seen as an olive branch to the industry, Jason Nealey, the former White House Cyber Infrastructure Protection Director and president of the Cyber Conflict Studies Association, told Vocativ.
“A lot of the cybersecurity community probably felt personally insulted with ‘400-lb hackers,’” he said. “I think the community’s going to be glad that he’s said he needs to come up with something that’s a little more of a policy.”
Trump’s more articulated plans, however, didn’t seem to differ much from the White House’s current path.
“I will make certain that our military is the best in the world in both cyber offense and defense and in every other way, by the way,” he said. “This is the warfare of the future. America’s dominance in this arena must be unquestioned. And today it’s totally questioned.”
Military hacking arms of countries like China and Russia have been accused of attacking the U.S. for political gain. China is believed of the Office of Personnel Management, which is functionally the human resources department of the government, for instance. U.S. intelligence officials think Russia is behind the hacks Democratic National Committee, though that’s less surprising than the fact that the contents of which were then passed to WikiLeaks for distribution.
But that doesn’t mean such attacks were sophisticated. Nealey pointed to the successful deployment of Stuxnet, the joint NSA and Israeli intelligence virus that crippled Iranian nuclear centrifuges, and of the NSA’s stunning power revealed by some of former contractor Edward Snowden’s leaks.
“America’s dominance, at least in the offensive side, is pretty unquestioned,” Healey said. “If you do question it, you’re probably not paying much attention to the news.”
“It’s really not much of a change from President Obama, or really President (George W.) Bush,” he added.
As for rapidly increasing American ability, the Department of Defense is on schedule for its 2018 completion of its Cyber Mission Force, a collection of 133 cyberwarfare teams devoted to everything from offensive attacks against enemy networks, to protecting U.S. systems to aiding combat missions, to defending the DoD’s own systems from hackers. As of August, around 4,700 “cyber warriors,” among 100 teams were already operational.
Trump’s second point called for a review team to bolster government networks’ cybersecurity. “We will put together a team of our best military civilian and private sector cybersecurity experts to comprehensively review all of our cybersecurity systems and technologies,” he said.
“The review will be very much exact and recommended by experts,” Trump added. “We want experts. Our finest people. We don’t want people who are B-level, C-level, D-level.”
There’s no doubt that the U.S. government has glaring cybersecurity holes. A Government Accountability Office review of the OPM hack — which exposed some 21.5 million government employees having at minimum their basic personal information, including Social Security Numbers — concluded the OPM had a number of glaring vulnerabilities.
But it’s not clear that Trump’s solution would be different from what’s already in place, either.
“Trump’s plan doesn’t look that different than the Obama Cyberspace Policy Review from 2009, with some additional rhetoric,” Jim Denaro, an expert in national security law and the founder of CipherLaw, a firm that specializes in information security, told Vocativ.
The White House declined to formally comment for this story, but a staffer noted to Vocativ that Trump’s speech echoed Obama’s Cybersecurity National Action Plan, announced in February and set to begin in 2017. The Trump campaign continued an unbroken, campaign-long tradition of not responding to this reporter’s request for clarification or comment.