Who's crazier than John McAfee? Could be the Commander-In-Chief candidates who are running election campaigns - sans any mention, let alone a position statement - on cybersecurity. Let's not forget that our President has supreme command over our armed forces which includes our cyber military.
President Obama issued an executive order on April 1, 2015, declaring “the increasing prevalence and severity of malicious cyber-enabled activities… constitute an unusual and extraordinary threat to the national security, foreign policy and economy of the United States. I hereby declare a national emergency to deal with this threat.”
While Obama has not declared an official cyber war, there are many experts who will tell you that the U.S. is in a cyber war against China.
John McAfee's Cyber Security Doctrine should be a wake up call to voters, candidates, and the media. His doctrine is posted in its entirety on the Cybersecurity Ventures website, and presented here for CSO readers:
McAfee 16 Cyber Security Doctrine
- The U.S. Government is largely illiterate in the digital sciences and lags Russia and China by a substantial margin in cyber security.
- We are in a cyber war with China, and have been for more than five years. The Chinese attacks on Homeland Security, the Department of Defense and the FBI went nearly undetected and the massive attack against the Office of Personnel Management was ongoing for two years before it was even noticed. Our response to these acts of war was to hire consultants to make OPM personnel feel better about themselves. This sole response indicates a paralysis within our government and a need for massive change.
- This change must happen immediately. The Chinese are already capable of the mass destruction of the infrastructure of the U S. entirely without the use of arms.
- The overwhelming majority of the firmware used in US communications and digital processing was written by Chinese companies under Chinese Government direction and can be fully co-opted by the Chinese, using hidden back doors, at any time of their choosing. This would mean the total collapse of all digital communications in the US, including the collapse of our Internet.
- The Chinese have secretly commandeered many of our satellites that are used for communications and are using these hijacked satellites in order to hide their entry into our critical control systems.
- The U.S. Government, at the Executive level, must immediately create an Office of Digital Transformation, with the imperative to develop cyber defense systems and procedures within every department of the Executive branch. The development of these systems and procedures must be given the highest priority.
- We must recognize that National Defense cannot be achieved through defensive systems only. Deterrent is a necessary element, and this can only be achieved through the creation of offensive cyber warfare tools.
- These offensive tools must be developed hand-in-hand with our defensive tools, and therefore must fall under the full control of the office of digital transformation.
- The staffing for the Office of Digital Transformation must come from outside of the current government personnel pool. This is of extreme importance. Our current problems are a direct result of our ossified personnel structure and personnel influences. We cannot have the most critical office within the government tainted by our past weaknesses.
- The U.S. currently possesses the largest and most talented pool of cyber security specialists in the world. These specialists congregate multiple times each year in various locations, culminating in the annual Defcon conference, comprised of upwards of 50,000 specialists. These specialists compose our hacker community.
- Our hacker community is overwhelmingly composed of White Hat hackers. These hackers perform the critical function within our industrial complex of hiring themselves out, in teams, to corporations in order to improve corporate cyber security.
- Red Teams develop strategies, procedures and systems to attempt to break into their clients’ data and operations centers with the intent of accessing information critical to the functioning of the corporation.
- Blue Teams take over the responsibility of securing the corporation’s digital assets and implement systems and procedures to attempt to block the Red Teams.
- At the end of each project, the Red teams and Blue teams jointly advise the corporation of action plans that must be implemented in order to create a more secure environment.
- The U.S Government, in order to staff the Office of Digital Transformation (ODT), must immediately begin active recruiting within our hacker community. This recruiting must focus at least 75 percent on specialists with heavy Red Team experience. Red Team talents can be used for the development of both defensive and offensive systems. Many specialists are experienced in both talent sets.
- The ODT must be divided into two branches: Cyber Security Defense Systems, and Cyber Warfare Weapons Development.
- Cyber Security Defense systems must be structured in a manner that mirrors the existing structure of government program offices. ODT staff will be assigned to each program office to immediately analyze and re-structure the digital systems with each department in order to elevate each department with highest possible level of cyber security.
- Cyber Warfare Weapons Development will be staffed by Red Team specialists capable of attaining a top secret security clearance and must be directed by a veteran cyber security executive recruited from within the corporate cyber security world. It must have an advisory board established by the Pentagon.
- The ODT can be funded in a variety of ways. My suggestion is to disband the TSA in its entirety. It has been been well established that it is ineffective. Bolstering the on-board armed marshall program will provide real security. The TSA budget is close to $8 billion per year. The salaries for the nearly 50,000 screeners is less than $2 billion. If we sent them all home but continued to pay their salaries we would not burden the unemployment rolls and we would still save nearly $6 billion per year in overhead. Even if only 50 percent of the overhead could be saved, that would still be an annual savings of $3 billion. With $3 billion per year we could hire 10,000 of the world’s top cyber security specialists and possibly save this great nation of ours.
This is not a call out to vote for McAfee. There are numerous important issues for voters to consider. But McAfee makes a very compelling argument for cybersecurity to be one of them. Let's see if McAfee's Doctrine gets the candidates on topic and perhaps even generates some serious cyber discussion during the televised debates.