Is our critical infrastructure safe from cyber hacks?

Imagine being at your work desktop and realizing your cursor has been taken over by a remote hacker. Now imagine you work at a water treatment plant and you are watching that same hacker try to dramatically increase the level of toxins in the water supply you and your family drink. That scenario, of course, happened a few weeks ago to a water operator in Oldsmar, Fla.

Fortunately, in the case of Oldsmar, city officials said several additional checkpoints would have flagged the increase in water contamination if it had been missed by the hacked employee. But what about towns that do not have similar safeguards in place? 

This incident is just the latest example in a pattern of attempted attacks on our nation’s critical infrastructure systems. These attacks have long troubled the national security community as they expose how the safety and security of communities across the country are partly reliant on vulnerable cyber networks that are under constant attack by potentially nefarious actors.

Throughout our decades of service at the highest levels of the U.S. government, we supported a combination of hard power (military supremacy), soft power (diplomacy) and smart power (a practical mix of the two) to protect U.S. interests at home and abroad. With the nation and the world increasingly reliant on technology, it is time to reframe national security policy through the lens of prioritizing and advancing our long-term advantage in existing and emerging technologies. 

That is why we supported the launch of a new national security report calling for the deployment of U.S. “digital power.”

As the Oldsmar attack clearly shows, a framework for U.S. digital power must include a commitment to securing U.S. technology, networks and data through enhanced cybersecurity. Christopher Krebs, former director of the Cybersecurity and Infrastructure Security Agency (CISA), wrote in a recent opinion piece that, “When an organization is struggling to make payroll and to keep systems on a generation of technology created in the last decade, even the basics in cybersecurity often are out of reach.” But even our biggest and most successful companies are no match against the full power of an aggressive nation state like Russia or China. 

For this reason, it is more important than ever for the U.S. government to partner with private industry on best practices around cybersecurity protections. One way to accomplish this is to strengthen the communication channels between our public and private sectors so the U.S. government can more effectively share information with the small and large companies that make up the supply chains of both the most sensitive military technology used by our armed forces and the commercial technology used in every home in America.

Another critical component of U.S. digital power is protecting the ability of American companies to innovate. As we have witnessed during the pandemic, the strength of our economy is intertwined with our access to technology. To ensure U.S. companies continue to lead the world in digital tools that will further grow the U.S. economy, create jobs and keep the nation secure, U.S. companies must be empowered to maintain a cutting edge on all emerging technologies. The clearest path to this goal is through partnerships between the U.S. government and the technology industry. 

One example where these partnerships are critical is in the race to build global 5G networks. Coming in second place to a nation like China would put the U.S. in a disadvantaged economic position and limit our ability to influence standard setting around telecommunications and other key technologies. Fortunately, there appears to be growing bipartisan momentum around the need to prioritize U.S. innovation in technologies like 5G, semiconductors, artificial intelligence (AI), quantum computing, facial recognition and commercial drones. We encourage the Biden administration to work with Congress to ensure future legislation reflects this understanding.  

The final pillar of U.S. digital power is advancing a democratic and open internet. Around the world, U.S. technology companies often act as informal global “ambassadors” for U.S. values since their platforms and technologies promote freedom of expression, non-censorship, data privacy and other democratic principles. Fundamental to the expansion of U.S. technologies to the most remote corners of the world has been the free flow of data across global borders.

Increasingly, however, the ability of American companies to compete against foreign competitors has been burdened by restrictive data laws in a number of countries. This concern was once limited to “techno-autocracies” like China and Russia, but in more recent years, these harmful policies have spread to U.S. allies like India, the world’s largest democracy. Over the long term, data localization laws risk fracturing the global internet as we’ve always known it.

While there is much work to be done on advancing the architecture of U.S. digital power, the infrastructure already exists to ensure the U.S. can maintain a competitive edge against its global competitors. Key to this work will be leveraging two distinctly American advantages. The first is technological strength. The second is a network of allies around the world and private sector partners at home that share a commitment to democratic values. 

The Chinese government has already made it clear in its Five-Year Plan (5YP) that technological independence and self-reliance will be cornerstones of its development strategy. We encourage the Biden administration to develop its own national strategy for protecting America’s technological edge through the deployment of U.S. digital power.  

Admiral James Stavridis, USN (Ret.) is the former Supreme Allied Commander at the North Atlantic Treaty Organization (NATO) and commander of U.S. Southern Command, and Frances Townsend is former White House Counterterrorism and Homeland Security Advisor. Both are National Security Advisory Board Co-Chairs for the American Edge Project.