The national security nightmare the candidates aren’t talking about

Presidential hopefuls remain mum about keeping America safe from hackers

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Whether you love it or it makes you want to move south of the bor­der, Don­ald Trump’s Great Wall of Mex­i­co is an idea whose time has come.

That said, the Repub­li­can pres­i­den­tial can­di­date has a few things wrong.

Adam Levin, chairman and co-founder of Credit.com and IDT911
Adam Levin, chair­man and co-founder of Credit.com and IDT911

First, The Donald’s wall is mis­named. It should be called the Great Cyber Wall of Amer­i­ca or the Amer­i­can Cyber­dome or, at any rate, some­thing denot­ing a dig­i­tal infor­ma­tion and com­mu­ni­ca­tion pro­tec­tion system.

The sec­ond thing Trump has wrong is func­tion­al­i­ty. The wall Amer­i­ca needs should not be effec­tive at keep­ing immi­grants from enter­ing our great nation. It needs to pro­tect us from the vast array of hos­tile hack­ers who wish to do us harm from both with­in and beyond our sov­er­eign borders—be they state-spon­sored, ter­ror­ist, in pur­suit of some cause, or sim­ply pre­co­cious teenagers. It needs to pro­tect every inch of coast­line and bor­der we have in three dimen­sions. And it needs to do this reliably.

Why a cyber wall matters 

In 2007, Esto­nia, the “most wired nation in Europe” expe­ri­enced some­thing unprece­dent­ed: denial-of-ser­vice attacks that crip­pled the coun­try. Wave after wave of attacks tar­get­ed gov­ern­ment web­sites, Eston­ian news­pa­pers, uni­ver­si­ties and banks. It wreaked hav­oc. The gov­ern­ment took the extra­or­di­nary action of block­ing inter­na­tion­al Web traffic—effectively iso­lat­ing Esto­nia from the rest of the world dur­ing a por­tion of the attacks. Sud­den­ly, the assault stopped as quick­ly as it start­ed, but while it last­ed, there were riots in the streets.

Those denial-of-ser­vice attacks were in retal­i­a­tion for the Eston­ian government’s deci­sion to remove a Sovi­et-era war mon­u­ment. Increas­ing­ly, ide­ol­o­gy is dri­ving more fer­vent fights and dras­tic mea­sures in the world.

Around Christ­mas in 2015, parts of the Ukraine start­ed expe­ri­enc­ing black­outs. Large swaths of the pop­u­la­tion lost elec­tric pow­er, all of them in areas asso­ci­at­ed with the oppo­si­tion to the Russ­ian annex­a­tion of the Crimea and pro-Rus­sia sep­a­ratists. The black­outs were caused by hack­ers. To date, noth­ing has been proven about who was spon­sor­ing them. The only fact in evi­dence is that a Tro­jan called Black­En­er­gy was used, and the ini­tial pen­e­tra­tion into the pow­er com­pa­nies was achieved through social engi­neer­ing (also known as trick­ery and/or deceit in com­bi­na­tion with all-too-fal­li­ble human­i­ty). In this case, the social engi­neer­ing took the form of spear phish­ing—an employ­ee was sent an email that appeared legit­i­mate, they clicked an attach­ment, and, quite lit­er­al­ly, all hell broke loose.

Because many cyber attacks have a social engi­neer­ing aspect, there is a ten­den­cy in the data secu­ri­ty com­mu­ni­ty to assume that there is no cure-all for the cyber inse­cu­ri­ty that ails us world­wide. But, regard­less, it is a prob­lem in dire search of a solution.

Just last week, Nation­al Secu­ri­ty Admin­is­tra­tion Direc­tor Michael Rogers stat­ed our need for bet­ter pro­tec­tions when he said it was a ques­tion of “when, not if” state-spon­sored hack­ers decide to take out parts or the entire­ty of our pow­er grid, our com­mu­ni­ca­tions and our emer­gency response sys­tems. Doubt­less, banks and oth­er finan­cial orga­ni­za­tions are tasty tar­gets as well.

Mean­while on the cam­paign trail

This elec­tion sea­son we haven’t heard a whole lot about cyber­se­cu­ri­ty (or the lack there­of), which bog­gles the mind. After all, the bar­bar­ians are no longer knock­ing at the gate. They are crawl­ing through mil­lions of inves­tiga­tive reports at the Office of Per­son­nel Man­age­ment, har­vest­ing tens of mil­lions of Social Secu­ri­ty num­bers in the breached files of our health insur­ers, bur­row­ing into count­less bank accounts and med­ical files, rifling through our trav­el plans, divert­ing bil­lions of tax refund dol­lars from the IRS and (doubt­less) explor­ing var­i­ous avenues into our pow­er grid.

Yet there has been bare­ly a peep on the cam­paign trail, save for­mer Sen. Jim Webb—who, as you will no doubt remem­ber, was quick­ly dis­patched to the scrap heap of pres­i­den­tial elec­tion history.

Instead, we are wit­ness to a heat­ed debate about the size of a candidate’s hands, and get “Big Don­nie” and “Lit­tle Mar­co” snip­ing at each oth­er like eighth-graders who have a crush on the same per­son while Hillary Clin­ton tries to sound more like Bernie Sanders with­out alien­at­ing Wall Street. Mean­while, Bernie keeps deliv­er­ing the same stump speech despite a horde of super del­e­gates who plan to make Hillary the Demo­c­ra­t­ic nom­i­nee regard­less of his per­for­mance in the primaries.

I don’t just blame the can­di­dates. The media has had a hand in this. Les Moonves summed up part of the prob­lem recent­ly when he said that this crazy elec­tion “may not be good for Amer­i­ca, but it’s good for CBS.”

In an era of real­i­ty-show pol­i­tics, why would any­one with any skin in the game want to risk los­ing the eyes and ears of Amer­i­cans because they talk about some­thing sub­stan­tive like cyber­se­cu­ri­ty? Unfor­tu­nate­ly, just as con­ve­nience often trumps secu­ri­ty in this day and age, the fail­ure to intel­li­gent­ly dis­cuss and debate var­i­ous approach­es to keep­ing our nation cyber safe is a major oppor­tu­ni­ty loss for the U.S.

Adam Levin is chair­man and co-founder of Credit.com and IDT911. His expe­ri­ence as for­mer direc­tor of the New Jer­sey Divi­sion of Con­sumer Affairs gives him unique insight into con­sumer pri­va­cy, leg­is­la­tion and finan­cial advo­ca­cy. He is a nation­al­ly rec­og­nized expert on iden­ti­ty theft and credit. 

 Full dis­clo­sure: IDT911 spon­sors Third­Cer­tain­ty. This sto­ry orig­i­nat­ed as an Op/Ed con­tri­bu­tion to Credit.com and does not nec­es­sar­i­ly rep­re­sent the views of the com­pa­ny or its partners.

More on data secu­ri­ty and iden­ti­ty theft:
Iden­ti­ty Theft: What You Need to Know
3 Dumb Things You Can Do With Email
How Can You Tell If Your Iden­ti­ty Has Been Stolen?