The problem of International Cyber Attacks
General Keith Alexander, Director of the National Security Agency (NSA) and the man in charge of Cybercom, the U.S.'s new cyber security command, issued a warning recently of massive increases in the number of attempts by hackers and foreign countries to breach the nation's internet security.
What had originally started as virus and malware attacks by amateur hackers and disgruntled employees against computers and networks have now morphed into worldwide penetration by criminal enterprises and state sponsored terrorists.
The world of information security attacks and threats are growing in power and sophistication with nation backed Cyber attacks emerging. Although constituting isolated attacks so far, the new wave of Cyber attacks are more prevalent and dangerous. And, with the advent of (often hostile) national involvement in Cyber offensives, the risk to our nation's National Security is real and potentially devastating.
At risk are our tremendous advantages in military power, intellectual capital and industrial wealth.
Assets the United States has spent tremendous human and intellectual capital on to develop are now at risk of being stolen by clever cyber thieves that exploit weaknesses in our cyber security. The fact that cyber thieves can now operate across international borders and in safe have third countries with impunity only increases the threat. The threat affects government and industry alike.
Although most experts have predicted that this day would arrive, online infiltration could cause huge damage to the U.S. military and the nation's infrastructure, and the government and industry is not presently prepared to secure itself against such attacks.
The Obama administration is promising to spend billions to upgrade cyber defenses, and has already hired hundreds of specialists with doctorates in computer technology to work at the Cybercom and start building better security measures.
But the problem is one of huge proportions complicated by the rapid advance of technology, lack of clear concept definition, failure of adequate international cooperation and distrust between government and the private sector.
The 21st century battlefield is comprised of many components that include the Internet and all things that connect from a computer to the Internet. The terrain also encompasses information systems like the electrical grids, telecommunication systems, and various corporate and military systems.
In addition, although both defensive and offensive measures are required to fight the war on cyber terrorism, the cyber protective world is clearly operating in a reactive manner. Compounding this is the fact that the international networks of data are growing at a technological pace that outstrips cyber security development.
Although new technologies and processes are emerging to fight hackers and cyber terrorist, there is little uniformity in their use and adoption. In addition, international standards and cyber threat protection laws are not yet in place.
Is the Threat Real?
Although there is not yet a universal outcry against International Cyber Terrorism, recent events like the hacking of strategic Pentagon databases and the withdrawal of Google from internet operations in China are symptomatic of the magnitude of the problem. Many experts equate the complacent attitude toward International Cyber Attacks as that seen before the Japanese attack on Pearl Harbor that started World War II for the United States or the attacks on September 11, 2001 that started the War on Terror.
Cyber attacks are often classified as low probability, high damage events similar to major natural disasters or fatal airplane crashes. When they happen, the level of public concern is high. And the number of occurrences, the frequency and magnitude of attacks are increasing rapidly.
Developments in Cyber Security solutions
There is a growing awareness of the problem of International Cyber Attacks although the pace of development is slow and irregular. The Federal Government has tasked two agencies (National Security Agency - NSA for international cyber terrorism and the Department of Homeland Security- DHS for domestic cyber attacks) but there are problems with coordination and funding. More attention, a clear vision, definition of terms and significant increases in funding are required in order to develop effective solutions.
In addition, infrastructure assets are required in the form of the development and use of critical information and other databases. Each infrastructure development needs to be marketed to and adopted by the entire cyber defense community in order to enhance and leverage all available development in technology, law and standards. Universal evaluation of research and use of centralized data is an important first step in the war against International Cyber Attacks.
Until government and industry recognize the problem and cooperate in search of a solution International Cyber Attacks will grow and increase the threat to our Cyber Security.