SAN FRANCISCO—Cyber attacks against the US, particularly domestic Democratic institutions, are a "red line we should not allow anyone to cross," Rep. Michael McCaul, chairman of the House Homeland Security Committee, told the crowd here at RSA.
"There is no doubt in my mind that the Russian government tried to influence and undermine our election," said McCaul, a Texas Republican. And "if we don't hold the line on sanctions and deliver meaningful consequences, they will do it again."
McCaul was a bit vague as to what those consequences should be, pointing to cooperation with foreign partners and "striking back" when appropriate, as well as sanctions. McCaul said he was briefed in spring 2016 about hacking concerns and raised the issue with then-President Obama and then-candidate Trump, but was disappointed by how both responded. To McCaul, this is not a partisan issue. "Cyber intrusions can hurt our republic," he said.
Techno Politics
Early in his remarks, McCaul discussed Trump's controversial travel ban, which prompted protests around the country and formal objections from more than 100 tech companies.
McCaul pointed to the tradition of welcoming immigrants in America, particularly creators and entrepreneurs. "The United States must maintain that tradition not only for our credibility but for the survival of liberty itself," said McCaul. "That is why I will fight to ensure that the US will offer an open hand to any peaceful people regardless of where they come from, regardless of how they worship, and regardless of the color of their skin."
Knee-Jerk Reactions
In addition to nation-state attacks, McCaul also highlighted the threat of online radicalization and tools that can hide dangerous activity.
"Terrorists are abusing encryption and social media to crowdsource the murder of innocent people," said McCaul. "We can't allow groups like ISIS to remote control terrorist attacks form the darkness of the web."
McCaul used the phrase "going dark," which is often used by law enforcement to describe when a device or an individual uses encryption tools that make it difficult or impossible to intercept their communications.
When the feds discuss this issue, as the US Attorney General did last year in the context of the Apple-FBI case, the suggested solution is usually a mechanism that would allow law enforcement to decrypt messages as necessary. In security terms, this is called a "backdoor," and is reviled in the security community because it undermines the robustness of any service or system.
McCaul agreed. "We cannot undermine encryption, it's the bedrock of our internet security," he said.
Related
- What It's Like When The FBI Asks You To Backdoor Your SoftwareWhat It's Like When The FBI Asks You To Backdoor Your Software
Instead, McCaul called for a new commission to examine the issue and suggest real solutions. He positioned the Homeland Security Department as a potential home for a consolidated cybersecurity agency and said information sharing between agencies is critical. Companies, too, "need to step up to the plate and start sharing with each other," said McCaul.
While he admitted the challenges facing the US in cyberwarfare are profound and frightening, he ended his remarks on a more positive note. Last year, he said, "was a watershed year in cyberspace, and for a lot of the wrong reasons." The experience has made country more realistic about the broad dangers posed by cyber attacks, but we must not give in to reactionary fear. "We cannot let the fear of the unknown, outweigh what we do know."