Open in app

Sign in

Write

Sign in

Home

Following

Library

Stories

Stats

GEN

A former publication from Medium about politics, power, and culture. Currently inactive and not taking submissions.

Follow publication

Should the U.S. Government Fight Back When Businesses Are Cyberattacked?

Some business leaders think so, but experts warn it’s a bad idea

Rob Knake
GEN
Published in
8 min readJul 25, 2019

--

Photo: PeopleImages/Getty Images

By Robert K. Knake and Richard A. Clarke

TThe attacks started out small. The first wave, at the end of 2011, was just probing and planning, stress-testing the capabilities of the world’s largest financial institutions. Over the next nine months, the attacks would occur only sporadically, a day here and there, but in September 2012 the frequency and severity of the distributed denial-of-service (DDoS) attacks went up. The websites of U.S. banks such as JPMorgan and Bank of America were flooded with traffic on an unprecedented scale, and, oddly, at predictable intervals, Tuesday through Thursday from 10:00 a.m. to 2:00 p.m., Eastern Standard Time, as if someone was trying to send a message.

Media outlets, with the help of unnamed officials in the Obama administration, quickly pointed to Iran as the culprit, believing the attacks were a response to the Stuxnet malware that had disrupted Iran’s nuclear enrichment program several years earlier. Phones began to ring throughout the White House West Wing. At every level from CEO down to chief information security officers, the banks wanted the government to do something to stop the attacks.

The Obama administration selected a limited response. Rather than escalate tensions with Iran by striking back in cyberspace or sending a carrier group through the Strait of Hormuz, the administration chose to treat the attacks like any other mildly disruptive internet activity. The Department of Homeland Security coordinated remediation, sending information on the attacking IP addresses to ISPs and hosting providers so they could notify the owners of infected accounts to get them to delete the malware and slow the attacks. The State Department issued démarches to foreign governments to request their assistance in shutting down the attacks. No proverbial missiles were fired in cyberspace. The banks were not happy.

Not liking the response they got, the banks took their case to the Wall Street Journal. “We’d like them to act,” declared one unnamed bank official. But act how? What this and other unnamed bank officials wanted the government to do was to either “block the…

Create an account to read the full story.

The author made this story available to Medium members only.
If you’re new to Medium, create a new account to read this story on us.

Continue in app
Or, continue in mobile web

Already have an account? Sign in

--

--

GEN
GEN

Published in GEN

100K Followers
Last published Apr 19, 2022

A former publication from Medium about politics, power, and culture. Currently inactive and not taking submissions.

Rob Knake
Rob Knake

Written by Rob Knake

99 Followers
35 Following

All opinions i express are my own. A RT is not an endorsement.

Responses (3)

Write a response

What are your thoughts?

Help

Status

About

Careers

Press

Blog

Privacy

Rules

Terms

Text to speech