In the past, the U.S. strategy for countering cyber-security threats barely kept pace with the variety and complexity of the latest digital threats. Just in time for a recent surge in attacks and intrusions, however, it seems a more coordinated and proactive approach is at last taking root.
Cyber attacks come in many guises, including denial-of-service actions designed to jam web servers; thefts of money, intellectual property and state secrets; and direct attacks on physical infrastructure using digital means.
In this last category we recently witnessed what many experts have been warning about for decades: an apparent cyber attack on an Illinois water utility that caused one of its pumps to malfunction and burn out.
During the summer the White House explicitly linked the cyber and physical realms in its new cyber-security strategy – a move we applauded not only because it will allow for common and coordinated responses in two very different but interlinked arenas, but because it acknowledges that an attack is an attack regardless of whether or not it can be seen with the naked eye. As a consequence, a cyber attack could now plausibly result in a physical response.
More recently, the Department of Defense (DoD) issued an even more explicit statement of policy, stating that the U.S. will launch “offensive cyber operations” in response to hostile acts such as “significant cyber attacks directed against the U.S. economy, government or military.”
Although not always mentioned by name, Russia and China are frequently the implied sources of cyber threats. Both countries have been accused of cyber espionage by the U.S. intelligence community, Russian hackers were fingered for the Illinois water utility incident, and China has been named in a number of others, including the infamous RSA hack in March. Former White House cyber-security adviser Richard Clarke recently said the Chinese are “the people who are doing us the most damage these days in cyber-space.”
Finally, for an interesting and well-informed perspective on the complex issues surrounding cyber-security, listen to an interview that SearchSecurity.com conducted with Tony W. Sager, Chief Operating Officer of the Information Assurance Directorate of the National Security Agency (NSA). In one videotaped segment, Sager discusses the big-picture message from this year’s major security breaches, and also why the hype about Advanced Persistent Threats isn’t fully justified. In the second, he addresses questions surrounding the likelihood of a “digital Pearl Harbor” cyber attack, the trouble identifying the origin of a major cyber attack like Operation Aurora, and why doing just enough to disrupt attackers is the ideal enterprise cyber-defense strategy.
Digital Sandbox is the leader in public safety risk management, providing analytic tools and information products to government agencies and large enterprises for optimizing risk-based strategic, policy and budgetary decisions.