US at risk of 'catastrophic cyber attack', warns US Cyberspace Solarium Commission

The US is "dangerously insecure in cyber," warns Commission following year-long investigation

The US is at risk of a "catastrophic cyber attack" and the government needs to adopt sweeping structural changes to address cyber security challenges, according to a report from the US Cyberspace Solarium Commission following a year-long investigation.

"Our country is at risk, not only from a catastrophic cyber attack but from millions of daily intrusions disrupting everything from financial transactions to the inner workings of our electoral system" the report warns [PDF].

The Cyberspace Solarium Commission is a government-funded, bipartisan group created by the 2019 National Defense Authorization Act. It is charged with developing an all-inclusive strategic approach to defend the US in cyber space.

The group is co-chaired by Representative Mike Gallagher and Senator Angus King. Its 14 members include four senior executive agency leaders, four legislators from Congress, and six US cyber security experts who are not part of the government.

Since its inception, the Commission has consulted various cyber experts and coordinated with stakeholders in effort to develop a comprehensive report of cyber security.

According to the Commission, the US public sector faces major threats in the form of cyber attacks on elections and other institutions, espionage campaigns targeting the US military and its suppliers, attacks against civilian agencies, and the loss of leadership in key technology research.

Similarly, key threats against the US private sector include malware and cybercrime, risks to critical infrastructure and intellectual property theft.

These threats led the Commission to develop contingency plans to prepare for a far-reaching cyber conflict with China, Russia, or others.

The commission states that the US is "dangerously insecure in cyber" and to strengthen the nation's cyber defence capabilities, the Congress must pass a series of bills to create new government offices or reorganise the existing ones.

The report recommends creating a new "National Cyber Director" at the White House and a military cyber reserve force with high levels of cyber capabilities.

Another recommendation is the creation of a Bureau for Cyberspace Security and Emerging Technologies at the State Department, which must be led by an assistant secretary of state.

The government's priorities in cyber space should be to ensure that the economy is online, and there is interrupted flow of goods and services nationally.

"This is an area that the Commission really focused on," Samantha Ravich, Commission member told Reuters.

"[It] has to be planned before, you can't do it when the lights go out," she added.