Home » Cyberspace Attacks America's Top Security Threat

Reprint

A report released Monday identified cyberspace attacks as the number one threat to American security. According to the report, the US is not currently using the highest technical security measures in government, private industry, or consumer internet sites and connections, the US has no plan to use economic tools to bring about innovation to protect the public good, the US has limited military plans to defend or create attacks involving cyberspace, and the US has no clear policy means by which to signal other countries about US responses to implied or direct threats. American internet borders are open, easily penetrated, and have few sufficient fire walls to prevent breaches.

What will the US do if we come under cyberattack? The internet leaves the United States vunerberable to attacks on its financial institutions, its government operations, its intelligent gathering functions, its military operations. Cyberattacks can steal millions of American identities and wipe out bank accounts and data files faster than a flash. Cyberattacks can be originated from anywhere. In fact, recent computer break-ins at the Pentagon, the White House, State Department, and Commerce Departments appear to have orginated in Russia and China.

What's the state of defense against electronic intrusions that can disrupt national life, cripple the military, violate national security? What is the best defense-criminal prosecution, military action, or diplomatic and trade sanctions?

A special commision, the Commission of Cybersecurity for the 44th Presidency is sending a report that assesses the risk and proposes solutions to Capitol Hill this week.

Cybersecurity has been the focus of conferences recently held in Africa and Asia which have looked at crime, cyberterrorism, corporate data security, software attacks on utilies including water systems and electric grids. Attacks are being made from all platforms, even mobile phones.

Reliable estimates indicate one in five European computer users have already been victims of cyber crime. Moreover, the recent military confrontation between Georgia and Russia involved elements of cyber warfare.

The types of attacks range from stolen identities and unauthorized purchases, to viruses erasing entire systems, break-ins to that alter files, or gaining control of a system to attack other systems. This kind of attack took place in 2007 against Estonia in which systems from across Europe, the US, and China were used in an attack and made counterstrikes difficult because of the damage they would do to the "hostage" networks, without damaging or reaching the attackers.

The lack of preparation is so acute that at present "no lexicon for strategic cyberspace conflict" exists! In other words, thee is no language to conceptualize or discuss potential threats or attack scenarios.

The US Department of Homeland Security is home to the Computer Emergency Readiness Team (CERT). (URL: http://www.us-cert.gov/cas/techalerts/ .) US-CERT is currently charged with protecting our nation's Internet infrastructure by coordinating defense against and response to cyber attacks.

US-CERT issues a week summary of new vunerabilities. The December 1 st summary lists over 50 items, many related to new code or products produced for the public sector. The November 24 th summary include high alerts for Apple iphones, microsoft windows, novell, and redhat, medium alerts for adobe and microsoft, and low alerts for Apple and IBM.

The current national threat level is yellow, or elevated (level three of six levels), but US-CERT has no specific intelligence suggesting an imminent threat to the homeland at this time.

Corrections and upgrades that fix previous issues are also reported by US-CERT on their website.

Illegal immigration not withstanding, the cyber threats coming acoss out borders need President-elect Obama's immediate attention. Declaring that "cybersecurity is a major national security problem," the Commission's findings urge Mr. Obama to create a White House office to develop, direct, and coordinate "comprehensive national security strategy that embraces both the domestic and international aspects of cybersecurity."

Let's hope the President-elect gives cyberattacks the resources the safety of our nation's cyberspace deserves. At present, only $300 million is included in the federal budget for cyber security research and development, but there is $2 billion for climate change research. As he proposes rebuilding the American infrastructure, it should not only include elements of the industrial age, roads and bridges, but also should make secure electronic and wireless paths and connections of the information age.

The entire report by the Commission can be viewed as a PDF in a tab or window at: http://www.csis.org/component/option,com_csis_pubs/task,view/id,5157/

Other websites of interest for more information on internet security include C-Net security articles: http://news.cnet.com/8300-1009_3-83.html?tag=hdr;snav

"How Safe is my Gmail?" at PC World: http://www.pcworld.com/article/155044/how_safe_is_my_gmail.html

And "A Day in the Life of a Web 2.0 Hacker" at PC MAG.COM: http://www.pcmag.com/article2/0,2817,2330952,00.asp

 

Coming Sunday: the release of my new e-book, "From the Front Porches of Charleston." It is a free special edition e-book, downloaded from lulu.com. Sunday, we'll provide you with the free direct acess code for the download. It contains over 100 pages of photos!