from the well,-that's-just-great dept
Of course, her opponent, Donald Trump has been totally incomprehensible on cybersecurity during the course of his campaign. There was his first attempt to respond to questions about cybersecurity in which it's not clear he understood the question, and started talking about nuclear weapons instead. Or the time he took a question on cybersecurity and answered by talking about the latest CNN poll. Or, of course, who can forget his debate performance on the topic, where his key insights were that his 10 year old was good with computers and a 400 lb. hacker may be responsible for the DNC hacks.
It appears that the Trump campaign finally decided that maybe Trump should say something marginally coherent on the subject, and sent him out earlier this week with a prepared teleprompter speech, which Trump actually managed to get through without going too far off script. And... it's basically the same kind of bullshit as Clinton -- pushing for more aggressive and offensive cyberattacks.
“I will also ask my secretary of Defense and joint chiefs to present recommendations for strengthening and augmenting our Cyber Command,” Trump said of his cybersecurity plan. “As a deterrent against attacks on our critical resources, the United States must possess, and has to, the unquestioned capacity to launch crippling cyber counterattacks, and I mean crippling. Crippling. This is the warfare of the future. America’s dominance in this area must be unquestioned, and today it’s totally questioned.”There was also the kind of hilarious claim that the government has not made cybersecurity issues a priority, which is laughable if you've been paying attention to, well, anything in the "cybersecurity" policy space over the past few years. You could say that their priorities within that realm are screwed up. Or that the government seems to mainly use "cybersecurity" as a cloak to hide NSA surveillance efforts. But to argue that it's not been a priority is clearly false.
And, really, having our own side launching "crippling" cyberattacks (as with Clinton's plan) doesn't seem like the most effective plan. These kinds of things only escalate. Being an aggressor here seems particularly shortsighted. Taking out, say, China's internet, may show strength, but for what purpose? Will it really stop Chinese computer attacks on US infrastructure? Doubtful. Cybersecurity is mostly a defensive game, and it should remain that way. Encrypt everything possible. Disconnect critical infrastructure from the wider network wherever possible, and do everything to stop attackers from getting in, taking down, or mucking with systems.
This hawkish talk about offensive attacks in response to inbound online attacks is probably poll-tested to sound good as "being tough," but it's really stupid actual policy.