By Maria Korolov
Dec. 2, 2016
"Prosecuting any hacker in a country other than our own can be a process that's legally fraught with jurisdictional and extradition issues, so not an easy undertaking," said Joseph Opacki, vice president of threat research at PhishLabs. "For these reasons, hackers tend to hide in countries well-known within the cybercrime ecosystem."
Some call for offensive countermeasures, not just investigations
The combined offensive power of the Russian criminal underground and the Russian government itself might be too much for individual enterprises to defend against on their own.
"We need to help fund both private and public sector efforts if we want to reduce the risk to our country of a major cyber event," said Michael Lipinski, CISO and chief security strategist at Securonix. "Our corporate entities are not financially equipped to combat endless state sponsored actor attacks."
For example, the United States could fund projects that improve not just defensive capabilities, but offensive ones as well.
"Counter strikes may be necessary depending on the situation but there needs to be great clarity before taking this action," he said. "There is risk of hitting the wrong target and risk of collateral damage. That said, I also believe, just like in standard warfare, that a strong arsenal is a great deterrent."
A formal security officer at the federal level to coordinate investment and prioritization efforts would also be helpful, he said.
"Cyber defense is a priority for both private and military entities, and the government must create a coordinated framework that includes both," agreed Ebba Blitz, CEO at Alertsec. "This work is of great importance and the United States should appoint a chief of cyber security."