Cyber Attacks a Growing Threat to US Business and National Security
September 15, 2011
The past few weeks have seen a series of cyber attacks against the U.S. government (including penetrating the CIA and US Senate websites); Gmail accounts for U.S. officials, Chinese activists and journalists; multiple defense contractors including Lockheed Martin; international bodies such as the IMF and the G-20; and financial entities such as NASDAQ and Citibank. Overall, attacks on U.S. networks have increased forty percent in the past year.
Alarm bells are beginning to ring. British Defense Secretary Liam Fox said that these attacks were regular, in large number and had become a “matter of urgency.” Department of Commerce General Counsel Cameron Kerry said the “recent wave of cybersecurity attacks and breaches sounds an urgent wake-up call.”
The attacks are impacting US businesses. Google was one of approximately twenty U.S. companies believed to be targeted by a very sophisticated attack originated by China. The FBI also has identified $20 million in attempted wire fraud in the last year alone in which banking credentials of small-to-medium-sized U.S. businesses were compromised and used to initiate wire transfers to Chinese companies. Google has gone public with the attack because it believes the attack was motivated by a desire to get Gmail account information on human rights activists.
Google’s move has been applauded by some since, as one expert put it, “those who have been targeted by China have dealt with a certain level of persistence and seen these attacks take place over long periods of time, where all signs point back to China and it really feels like they’re not even trying to hide that it’s them anymore.”
Outgoing Defense Secretary Robert Gates indicated that the U.S. is prepared to use force against cyber attacks that could be considered acts of war. Gates also indicated that not just one country was involved. For example, Russian hackers have reverse-engineered Skype and posted the results on the Internet, and Russian intelligence is suspected to be behind a March hack that swiped 24,000 Pentagon files.
Most recently, an Iranian hacker penetrated DigiNotar, a Dutch SSL certificate authority, and caused over 500 fraudulent security certificates to be issued, including certificates for Facebook, Skype, Mozilla, Microsoft, Yahoo, Android, Twitter and domains owned by the CIA, Israel’s Mossad and the UK’s MI6, which could be used to spoof such sites.
The Obama administration has responded to the growing threat first by establishing a Cyber Command within the Pentagon in 2009 and releasing an International Strategy for Cyberspace earlier this year. The administration also has proposed cybersecurity legislation that would impose harsher penalties for cybercriminals and establish a national standard for data breach disclosures, while requiring the Department of Homeland Security to work with the private sector to identify and address vulnerabilities for critical infrastructure. After Citibank drew fire for its delay in reporting (and its under-reporting of) its data breach, the Securities and Exchange Commission is considering issuing guidance on when public companies must disclose material attacks to investors.
The U.S. is not above playing cyber-offense, however, as there are reports that the Stuxnet worm that derailed Iran’s nuclear program was a covert U.S. initiative.
At a time when the phrase “Cyber Pearl Harbor” has begun to enter into our lexicon, Kaspersky Lab’s Roel Schouwenberg believes the recent DigiNotar attacks may have greater consequences than the Stuxnet virus in terms of the scope of its disruption and potential impact in putting “cybersecurity and cyberwar on the political agenda.” That may ultimately be a good thing, since greater emphasis on cybersecurity may be necessary if we hope to stop the phrase “Cyber Pearl Harbor” from entering into our history books.