Posts tagged Cyber Pearl Harbor
Two years ago, a piece of faulty computer code infected Iran’s nuclear program and destroyed many of the centrifuges used to enrich uranium. Some observers declared this apparent sabotage to be the harbinger of a new form of warfare, and United States Secretary of Defense Leon Panetta has warned Americans of the danger of a “cyber Pearl Harbor” attack on the US. But what do we really know about cyber conflict?
The cyber domain of computers and related electronic activities is a complex man-made environment, and human adversaries are purposeful and intelligent. Mountains and oceans are hard to move, but portions of cyberspace can be turned on and off by throwing a switch. It is far cheaper and quicker to move electrons across the globe than to move large ships long distances.
The costs of developing those vessels – multiple carrier task forces and submarine fleets – create enormous barriers to entry, enabling US naval dominance. But the barriers to entry in the cyber domain are so low that non-state actors and small states can play a significant role at low cost.
In my book The Future of Power, I argue that the diffusion of power away from governments is one of this century’s great political shifts. Cyberspace is a perfect example. Large countries like the US, Russia, Britain, France, and China have greater capacity than other states and non-state actors to control the sea, air, or space, but it makes little sense to speak of dominance in cyberspace. If anything, dependence on complex cyber systems for support of military and economic activities creates new vulnerabilities in large states that can be exploited by non-state actors.
The Russians are picking our pockets, the Chinese are stealing our most vital secrets, and there’s nothing we can do about it – and it’s all going to get worse.
That was the basic conclusion after Friday’s Air Force Association cyber-conference, where speaker after speaker drove home the utter futility and helplessness of today’s cyber climate, all the while warning that the problem will only grow.
Richard Bejtlich, chief security officer for the info-security firm Mandiant, said 100 percent of the high-profile intrusions his company tracks were done with “valid credentials” – meaning the cyber bad-guys had been able to steal a real user’s login and password, obviating the need for more complex attacks.
The typical time between an intrusion and its discovery is 416 days, he said – down from two or three years – and the way most companies find out about them is when they get a visit from the FBI.
The publicly available malware in the so-called “cyber underground” is now so good that you can do a lot of damage without a dedicated team of code-writers coming up with their own stuff, speakers said. In fact, the much-discussed cyber attack against Georgia was carried out mostly with publicly known tools – “there was nothing sacred here,” said National Defense University iCollege chancellor Robert Childs.
Cyber-intrusions and compromise are so endemic, Bejtlich said, that many attackers don’t even bother with the wholesale vacuuming of information that used to characterize cyber-snooping. Now hackers go after very specific pieces of information, often data that is useless on its own, he said.