Cyber threats worsen every second
Stronger measures necessary to address more frequent and sophisticated attacks
- By Kevin Coleman
- Apr 22, 2010
The current cyber threat environment is dramatically changing and becoming more challenging with every tick of the clock. Multiple cybersecurity reports found that in 2009, there were 25 million new strains of malware. That equals a new strain of malware every 0.79 seconds.
Cyberattacks have risen to unprecedented levels of sophistication and frequency. The significant number of viruses, worms and other forms of malware, coupled with the dramatic growth of botnets and the continuous rise in the number of cyberattacks, combine to confirm the significance and severity of the problem.
Senate Sergeant-at-Arms Terrance Gainer recently said the average number of cyberattacks now stands at 1.8 billion per month, and the Senate Security Operations Center gets 13.9 million cyberattacks a day.
In addition, NATO's secretary general, Anders Rasmussen, said NATO needs to increase defenses against cyber threats. Also, he clearly articulated that NATO is concerned about the range of potential cyber threats. The secretary general said, "There are many actors in cyberspace, and we have to develop a capacity to protect ourselves against those attacks." NATO recently increased its cybersecurity and defense efforts and has suggested that online warfare presents as serious a threat as missile attacks.
Meanwhile, FBI Director Robert Mueller recently warned that cyber terrorists "will either train their own recruits or hire outsiders...as a means to damage both our economy and our psyche--and countless extremists have taken this to heart and that a cyber attack could have the same impact as a "well-placed bomb."
A recent report from Britain’s House of Lords suggests that officials in Brussels have failed to boost the European Union's Internet defenses. It warned that a widening gap between NATO, the EU and member nations could leave their systems prone to cyberattack and compromise. Michael Jopling, chairman of the Lords' European Union committee, said, “The threat can come anywhere — including to individual businesses, financial services such as [London's financial distriict], critical infrastructure or the mechanics of government…and you never know quite who is responsible, which is part of the problem."
The committee criticized private-sector Internet service providers for a lack of interest in cyber defense. EU Competition Commissioner Neelie Kroes was quick to cite the China-based cyberattacks on Google services aimed at human rights activists and foreign businesses that use Google's e-mail service. The commissioner said that was clear evidence of the importance of preserving "the open and neutral character of the net."
To address cyber defense, we need robust risk management and a programmatic approach, in addition to substantive change to our models of conflict to be able to proactively deal with these threats, anticipate unknown future threats, and effectively and efficiently respond to successful attacks that target our critical systems and infrastructure. Part of that programmatic approach became public when Lt. Gen. Keith Alexander, the Obama administration's nominee to lead the new Cyber Command, said before the Armed Services Committee that the United States must retaliate against those who launch cyberattacks against it. He went on to say that the United States must fire back swiftly and strongly and should act to counter or disable a threat even when the identity of the attacker is unknown.
Governments around the world are now busy responding to the growing threat of cyberattacks. The United Kingdom's government recently created a new cross-governmental agency, the Cyber Security Operations Centre, that provides near real-time cyber threat situational awareness.
The resilience and integrity of a nation’s critical information infrastructure, along with government and military systems, are core components to a country’s national security. Given that, we can only hope the naysayers are ignored and national cybersecurity is fortified to withstand the constant attacks we are experiencing now and in the future.