On Thursday, a global cyberattack hit multiple unnamed US federal agencies, the latest in a series of attacks targeting a vulnerability in a widely used file-transfer software. The US Cybersecurity and Infrastructure Security Agency (CISA) said it was "working urgently to understand impacts and ensure timely remediation."
CISA Director Jen Easterly said that the software, known as MOVEit, is used by federal agencies and companies around the world and that software vulnerabilities are “pretty common.”
The US needs to accept that the future of combat will be in the digital sphere the same way it foresaw the future of combat-by-air in 1947 and created the Air Force. The US needs a separate cyber force that’s able to rapidly adjust to the ever-changing capabilities of cyber attackers to protect the safety of government and private infrastructure. This is a now-or-never moment.
The US has a history of using crises to gin up public support for new national security agencies. Once implemented, however, they often lead to failures like the Dept. of Homeland Security's highly-despised TSA airport security. Instead of repeating its past of throwing money at contractors, the government should reconfigure its current defense bodies to combat cyber threats.