Ex-NSA hacker Outlines why the White House Should Seek Private Sector Assistance on key Infrastructure

As tech and other industry CEOs visited the White House for a summit on cybersecurity, one NSA hacker-turned-security researcher stressed that the private sector can play a key role in protecting the U.S. grid.

“If you think about it, at least in the U.S., the majority of the critical infrastructure is both owned and operated by the private sector,” Patrick Wardle, a former National Security Agency hacker and founder of mac OS security company Objective-See, told Yahoo Finance Live (video above). “So I think it’s really a no brainer for the government… to bring the private sector and figure out ways to collaborate and work together to address this ever-growing threat.”

Highways, bridges and tunnels, railways, utilities, and some structures all fall under the category of critical infrastructure.

At Wednesday’s meeting, President Biden mirrored Wardle’s sentiments, saying: “The fact is that the private sector owns and operates the majority of our vital infrastructure, and the federal government cannot manage this challenge alone. So I’ve asked you all here today because I believe you have the power, capacity, and duty to raise the cybersecurity threshold.”

Recent events, such as a cyber-espionage campaign against software company SolarWinds and ransomware assaults that damaged a major US gasoline pipeline, have escalated the stakes, according to Wardle.

“I think this is why they say now we really need to kind of band together the private and the government sectors and really make a push,” he said.

Furthermore, given the lack of cybersecurity hygiene across both government and company networks, there are some simple fixes that can be pursued.

“If the government starts to collaborate more with the private industry, really try to maybe standardize some best practices, maybe we can address some of the low-hanging fruit — which will prevent, hopefully, at least some of these these attacks,” he said.

That low-hanging fruit includes widespread use of dual-factor authentication and other best practices that are already standardized in the most secure private sector companies.

“I draw a lot of parallels to the current pandemic,” Wardle said. “We have a lot of the tools already. So… for COVID we have vaccines, we have mass mandates, social distancing. We kind of know what works. The issue, though, is in the implementation.”

Inviting (AMZN) CEO Andy Jassy, Apple (AAPL) CEO Tim Cook, Alphabet (GOOGGOOGL) CEO Sundar Pichai, Microsoft (MSFT) CEO Satya Nadella, IBM (IBM) CEO Arvind Krishna, JPMorgan Chase (JPM) CEO Jamie Dimon, and leaders from other industries to White House was a solid first step, according to Wardle.

“Hackers really only have to find one way into the network,” Wardle explained. “And then oftentimes, the flood gates are open. So I think that’s one of the reasons why that the White House is bringing in so many different CEOs of tech companies and really trying to embrace the industry as a whole, because they correctly realized that it’s almost like there’s not one specific company that will be targeted. It’s really all of them.”

Source: Yahoo News

Notify of
Inline Feedbacks
View all comments