11 August 2025

Confronting Core Problems in Cybersecurity

Sara Frueh

It’s common for governors and mayors to declare a state of emergency and activate the National Guard in the aftermath of hurricanes, tornadoes, and other natural disasters. But last month, officials in Minnesota took these steps in the wake of a major cyberattack on the city of St. Paul — a testament to how disruptive these attacks have become. The attack, and the city’s efforts to contain the damage, hobbled city operations and a range of services online and in real life for citizens. Cyberattacks are an enormous problem, and it’s getting worse in the sense that more people and products and services rely on cyber components,” said John Manferdelli, an independent consultant and National Academy of Engineering member, in a recent interview.

Manferdelli, a mathematician and cryptographer who has held cybersecurity leadership positions at Microsoft, Intel, and Google, is now leading work at the National Academies to steer the nation’s cyber systems toward greater security and resilience. He recently chaired a committee that wrote the report Cyber Hard Problems: Focused Steps Toward a Resilient Digital Future, and currently leads the Forum on Cyber ResilienceThere are two reasons the attacks are increasing,” said Manferdelli. “One is that the use of cyber technology is just exploding — everything is cyber enabled. 

And the second is, it’s easy to do. People have made some progress on making it less easy to do, but not a lot. The prevention regime is pretty modest.” Governments are some of the most skilled cyberattackers, often launching “polite” attacks meant to collect intelligence rather than to disrupt anything, Manferdelli said. “But increasingly, attacks are actually meant as sort of a weapon. So, in Ukraine, for example, there have been loads of cyberattacks on critical infrastructure in the last year or two — wastewater plants, electrical generation, telecommunications.”

Frequently, attackers’ motivation is solely monetary, as in ransomware attacks, in which an attacker locks an individual’s or company’s data and demands payment for its release. “There’s been a gigantic increase in these attacks over the past two years, and it’s still growing,” he said. “They are carried out by countries and just regular old criminals.” Whatever their motivation, attackers often operate with impunity, explained Manferdelli. “Unlike other crimes, you can be in one country and commit a cybercrime in another country. Sometimes it’s hard to tell who did it, because if they’re practiced, they’re probably very good at concealing their tracks. 

No comments: