Countries shore up their digital defenses as global tensions raise the thre... https://ciso.economictimes.indiatimes.com/news/cybercrime-fraud/count...

Countries shore up their digital defenses as global

ET CISO

FILE - Director of National Intelligence Tulsi Gabbard, left, joined by CIA

By David Klepper

Hackers linked to Russia's government launched a cyberattack last spring against municipal water
plants in rural Texas. At one plant in Muleshoe, population 5,000, water began to overflow.
Officials had to unplug the system and run the plant manually.

The hackers weren't trying to taint the water supply. They didn't ask for a ransom. Authorities
determined the intrusion was designed to test the vulnerabilities of America's public infrastructure.
It was also a warning: In the 21st century, it takes more than oceans and an army to keep the United
States safe.

A year later, countries around the world are preparing for greater digital conflict as increasing
global tensions and a looming trade war have raised the stakes - and the chances that a cyberattack
could cause significant economic damage, disrupt vital public systems, reveal sensitive business or

1 of 4 21-Apr-25, 4:48 PM
Countries shore up their digital defenses as global tensions raise the thre... https://ciso.economictimes.indiatimes.com/news/cybercrime-fraud/count...

government secrets, or even escalate into military confrontation.

The confluence of events has national security and cyber experts warning of heightened
cyberthreats and a growing digital arms race as countries look to defend themselves.

At the same time, President Donald Trump has upended America's digital defenses by firing the
four-star general who led the National Security Agency, shrinking cybersecurity agencies and
slashing election cybersecurity initiatives.

Businesses now are increasingly concerned about cyberattacks, and governments have moved to a
war footing, according to a report this month by NCC Group, a British cybersecurity firm.

"The geopolitical dust is still settling," said Verona Johnstone-Hulse, a London-based expert on
government cybersecurity polices and the report's co-author. "What the new normal looks like is
still not yet set."

Many in the U.S. are already calling for a more muscular approach to protecting the digital frontier.

"Hybrid war is here to stay," said Tom Kellermann, senior vice president of cyberstrategy at
Contrast Security. "We need to stop playing defense - it's time to make them play defense."

Digital life means more targets for hackers

Vulnerabilities have grown as people and businesses use connected devices to count steps, manage
finances and operate facilities such as water plants and ports. Each network and connection is a
potential target for foreign governments or the hacking groups that sometimes do their bidding.

Espionage is one motive, demonstrated in a recent incursion linked to hackers in China. The
campaign known as Salt Typhoon sought to crack the phones of officials, including Trump, before
the 2024 election.

These operations seek entry to sensitive corporate or government systems to steal secrets or
monitor personal communications. Such information can be hugely valuable by providing
advantages in trade negotiations or military planning. These hackers try to remain hidden for as
long as possible.

More obvious intrusions can serve as a warning or deterrent, such as the cyberattacks targeting the
Texas water plants. Iran also has shown a willingness to use cyberattacks to make political points.

The cyberattacks that frighten experts the most burrow deeply into telephone or computer
networks, inserting backdoors or malware for later use.

National security experts say this was the motivation behind a recent attack from China called Volt
Typhoon that compromised telephone networks in the U.S. in an effort to gain access to an
unknown number of critical systems.

China could potentially use these connections to disable key infrastructure - power plants,
communication networks, pipelines, hospitals, financial systems - as part of a larger conflict or
before an invasion of Taiwan, national security experts said.

"They can position their implants to be activated at a date and time in the future," said Sonu
Shankar, a former researcher at Los Alamos National Laboratory who is now chief strategy officer
at Phosphorus Cybersecurity.

National security officials will not discuss details, but experts interviewed by The Associated Press

2 of 4 21-Apr-25, 4:48 PM
Countries shore up their digital defenses as global tensions raise the thre... https://ciso.economictimes.indiatimes.com/news/cybercrime-fraud/count...

said the U.S. no doubt has developed similar offensive capabilities.

China has rejected U.S. allegations of hacking, accusing America of trying to " smear " Beijing while
conducting its own cyberattacks.

Global tensions tick up Wars in Ukraine and the Middle East. Trade disputes. Shifting alliances.
The risk of cyberattacks goes up in times of global tension, and experts say that risk is now at a
high.

U.S. adversaries China, Russia, Iran and North Korea also have shown signs of cybercooperation as
they forge tighter economic, military and political relationships.

Speaking to Congress, Director of National Intelligence Tulsi Gabbard noted that Iran has supplied
drones in exchange for Russian intelligence and cybercapabilities.

"Russia has been the catalyst for much of this expanded cooperation, driven heavily by the support
it has needed for its war effort against Ukraine," Gabbard told lawmakers.

Amid global fears of a trade war after the tariffs that Trump has imposed, supply chains could be
targeted in retaliation. While larger companies may have a robust cyberteam, small suppliers that
lack those resources can give intruders easy access.

And any tit-for-tat cycles of cyberconflict, in which one country hacks into a sensitive system as
retaliation for an earlier attack, come with "great risk" for all involved, Shankar said. "It would put
them on the path to military conflict."

The Trump effect At a time when national security and cybersecurity experts say the U.S. should be
bolstering its defenses, Trump has called for reductions in staffing and other changes to the
agencies that protect American interests in cyberspace.

For example, Trump recently fired Gen. Timothy Haugh, who oversaw the NSA and the Pentagon's
Cyber Command.

The U.S. faces "unprecedented cyber threats," said Virginia Sen. Mark Warner, the top Democrat on
the Senate Intelligence Committee. He has asked the White House to explain Haugh's departure.
"How does firing him make Americans any safer?" Warner said.

Also under Trump, the U.S. Cybersecurity and Infrastructure Security Agency placed on leave
staffers who worked on election security and cut millions of dollars in funding for cybersecurity
programs for local and state elections. His administration eliminated the State Department's Global
Engagement Center, which tracked and exposed foreign disinformation online.

The CIA, NSA and other intelligence agencies also have seen reductions in staffing.

The administration faced more questions over how seriously it takes cybersecurity after senior
officials used the popular messaging app Signal to discuss sensitive information about upcoming
military strikes in Yemen. Gabbard later called the episode a mistake.

The officials in charge of America's cybersecurity insist Trump's changes will make the U.S. safer,
while getting rid of wasteful spending and confusing regulations.

The Pentagon, for instance, has invested in efforts to harness artificial intelligence to improve
cyberdefenses, according to a report provided to Congress by Lt. Gen. William J. Hartman, acting
commander of the NSA and Cyber Command.

3 of 4 21-Apr-25, 4:48 PM
Countries shore up their digital defenses as global tensions raise the thre... https://ciso.economictimes.indiatimes.com/news/cybercrime-fraud/count...

The changes at the Cybersecurity and Infrastructure Security Agency come as its leaders consider
how best to execute their mission in alignment with the administration's priorities, a CISA
statement said.

"As America's Cyber Defense Agency, we remain steadfast in our mission to safeguard the nation's
critical infrastructure against all cyber and physical threats," the statement read. "We will continue
to collaborate with our partners across government, industry, and with international allies to
strengthen global cybersecurity efforts and protect the American people from foreign adversaries,
cybercriminals, and other emerging threats."

Representatives for Gabbard's office and the NSA didn't respond to questions about how Trump's
changes will affect cybersecurity.

Signs of progress? Despite shifting alliances, a growing consensus about cyberthreats could prompt
greater global cooperation.

More than 20 nations recently signed on to an international framework on the use of commercial
spyware. The U.S. has signaled it will join the nonbinding agreement.

There's also broad bipartisan agreement in the U.S. about the need to help private industry bolster
defenses.

Federal estimates say the cybersecurity industry needs to hire an additional 500,000 professionals
to meet the challenge, said Dean Gefen, former chief of cybertraining for Israel's Defense
Intelligence Technological Unit. He's now the CEO of NukuDo, a cybersecurity training company.

"Companies need effective guidance from the government - a playbook," Gefen said. "What to do,
what not to do."

• AP

• Published On Apr 21, 2025 at 09:10 AM IST

Most Read in Cybercrime & Fraud

4 of 4 21-Apr-25, 4:48 PM