Two GOP senators said Tuesday the U.S. is unprepared and under-investing in defenses against cyberattacks, which they warn will soon be a part of all future warfare.
“Soon, all wars will have a cyber component,” Republican Sens. Joni Ernst of Iowa and Ben Sasse of Nebraska wrote in an Omaha.com op-ed Tuesday.
The two expounded on a number of key foreign policy issues headlining the 2016 election cycle, including global instability, the war in Syria, Russia’s escalating geopolitical aggression under Vladimir Putin and cyber warfare.
“There will be traditional wars with cyber aspects. And there will be stand-alone cyber conflicts,” the senators wrote. “But the future is less about massed armies and more about the combination of information technology, unmanned systems and surgical special forces. In all of these areas, we are unprepared and under-investing.”
The two recently returned from the Munich Security Conference, where NATO and European Union member countries met with Russia, China, Japan, India and others and wrapped up the largest annual conference of its kind Sunday.
Ernst and Saase said the discussions involving international security policy highlighted growing unease with U.S. allies over the U.S.’s position on the world stage.
“We say this delicately, as we work hard to respect the office of the presidency, but our allies everywhere are baffled,” the op-ed reads. “We asked one head of state, ‘What single lesson would you like us to report back to our bosses, our constituents?’ The reply: ‘Get us a U.S. president who will know that the U.S. needs to lead. We need you. All the freedom-loving nations of the world need you.’”
The piece comes days after CIA Director John Brennan said a cyberattack against U.S. infrastructure has become one of his greatest concerns.
“That cyber environment can pose a very, very serious and significant attack vector for our adversaries if they want to take down our infrastructure, if they want to create havoc in transportation systems, if they want to do great damage to our financial networks,” Brennan said on “60 Minutes” Sunday.
“There are safeguards being put in place,” Brennan continued, “But that cyber environment is one that really is the thing that keeps me up at night.”
National Security Agency Director Mike Rogers told Congress last summer the inevitability of a major cyberattack against critical U.S. infrastructure during his time as head of NSA and U.S. Cyber Command is a matter of “when,” not “if.”
Since the hack of more than 20 million federal employees’ personal information inside the Office of Personnel Management last year widely blamed on China, defense hawks on both sides of the aisle and in both chambers of Congress, including Arizona Republican Sen. John McCain, have called on administration representatives in defense and intelligence like Rogers and Director of National Intelligence James Clapper to define what constitutes a cyberattack, and lay out a framework for retaliation.
Clapper and Rogers have repeatedly explained the importance of differentiating cyber aggression and intrusion from cyberattacks, and said the administration policy so far has been to enact measured responses on a case-by-case basis, adding it’s not their place to decide policy. Others have suggested holding a Geneva-like convention for countries to meet and agree on norms for cyberspace.
Congress has started to tackle to issue on its own with the passage of last year’s Cybersecurity Information Sharing Act, the first piece of cyber legislation passed in years, and one lawmakers and tech companies say will allow the public and private sectors to better defend against potential cyber aggression by sharing data on threats they’ve encountered with each other.