Cyberspace plays an essential role in the communication and security of the United States. Cyber-attacks have already caused significant damage to various sectors of the American economy and citizens’ safety. Furthermore, different malware simplifies adversaries’ espionage for U.S. military advancements. Although technological protection attained high levels of security, external threats will always exist. According to Tounsi and Rais, technology becomes less secure as it gains additional complex features (2). The U.S. government promotes the idea of stability in the international cyber network during a peaceful time and amid armed conflicts (Clapper et al. 4). Hence, people working in intelligence agencies have a vast task to recognize and preclude potential threats. However, some groups believe that the importance of cyber-attacks is overemphasized in geopolitics. The constant threat of cyber-attacks from other countries and terrorist groups requires the government to monitor this issue to protect people’s lives and the country’s stability.
Cyberthreats have a multifaceted nature because they can employ various means of attack. For instance, viruses and other malware programs can be sent by emails to steal personal information or classified data (Tounsi and Rais 6). Viruses are considered polymorphic threats that can damage the system without being noticed by protective software (Tounsi and Rais 5). Advanced persistent threats continue until a breach in security is found, and intended harm is performed (Tounsi and Rais 5). Attackers modify their malware to overcome challenges established by new antivirus programs (Tounsi and Rais 21). The main problem is that hackers change their parameters frequently; hence, it is hard to detect them because their programs can bypass expensive protective software (Tounsi and Rais 24). Therefore, private companies and the government need to cooperate and interchange data to build a library of information about cyber-attacks and develop adequate protection.
The countries that represent a potential threat to American cybersecurity are Russia, China, Iran, and North Korea. According to Clapper et al., Russia is considered a primary cyber threat for the United States because it invests substantial resources into “advanced offensive cyber program and sophisticated tactics” (5). China is known to be involved in digital espionage against the U.S., while Iran utilized cyber-attack to target American financial division in 2012 and 2013 (Clapper et al. 6). Moreover, the U.S. government always conducts surveillance to protect cyberspace from terrorist organizations, like al-Qaida, Islamic State, and HAMAS (Clapper et al. 6). For example, ISIL’s operations exposed classified information about American military personnel in 2015 (Clapper et al. 6). The only way to protect citizens, the economy, industry, and the military sector is by actively working on programs that can counteract these cyber-attacks.
One of the most effective ways to create anti-malware programs is through conducting threat intelligence (TI). TI can be defined as evidence-based knowledge about attacks and threats in cyberspace (Tounsi and Rais 7). TI’s four levels of intelligence analysis are strategic, operational, tactical, and technical threat intelligence (Tounsi and Rais 8). First, strategic threat intelligence utilizes available information to predict future attacks and calculate their possible financial damage (Tounsi and Rais 8). Second, operational threat intelligence assesses targeted attacks on specific organizations. Third, tactical threat intelligence evaluates how attackers prepare and perform operations (Tounsi and Rais 8). Lastly, technical threat intelligence, as the name suggests, monitors the hardware and software of a company for potential weaknesses (Tounsi and Rais 8). It seems that these four protection levels are valuable for ensuring data security for corporations and the public.
Although the government’s increased attention to this issue, some believe that the importance of cyber threats is overestimated. Indeed, people working in this field may have artificially inflated the notion of cybersecurity (Wagner 63). Furthermore, the fact that one concept of information technologies gained a particular need for increased financial investments for investigations is suspicious (Wagner 64). However, the age of digital advancements demands the enormous utilization of cyberspace in almost every aspect of people’s lives. Therefore, information stored on servers should be adequately protected from stealing to avoid classified information leaks and damage to the economic and political stability of the United States.
In summary, cyber-attacks received special recognition from the U.S. government because of the constant vulnerability of cyberspace to external attacks. Moreover, the modifications of technologies do not prevent them from these attacks. Instead, it makes attackers develop more sophisticated malware programs to harm organizations by damaging their security. American intelligence agencies stress the importance of cyberattacks from adversaries. Various data collection and analysis methods were developed to predict future threats and create more robust protection. Specifically, technical, operational, tactical, and strategic threat intelligence assesses different attacks and weaknesses of private and public institutions to introduce timely measures. However, some people claim that the importance of cybersecurity is overrated. Still, considering the vast utilization of information technologies by all governmental agencies, private companies, and ordinary citizens, cyber-attacks are a real threat to political, economic, and individual security. Thus, the issue of cybersecurity needs to receive special attention from the U.S. government.
Clapper, James, et al. “Foreign Cyber Threats to the United States.” Hampton Roads International Security Quarterly, 2017, pp. 1-7.
Tounsi, Wiem, and Helmi Rais. “A Survey on Technical Threat Intelligence in the Age of Sophisticated Cyber Attacks. Computers & Security, vol. 72, pp. 1-54. Web.
Wagner, Ben. “Constructed “Cyber” Realities and International Relations Theory.” Science, Technology, and Art in International Relations, edited by J.P. Singh et al., Routledge, 2019, pp. 60-70.