Defense Secretary Leon Panetta’s comments during a recent interview with CBS News have certainly gotten attention. He talked about “paralyzing our financial systems,” “bringing down our power grid” and “paralyzing the country.” These are strong warnings to be sure. He went on to say we need to “be prepared to be able to be aggressive when it comes to cyber efforts.” This was music to the ears of some defense contractors; that is, to those involved in cyber.
Here are the top cyber threat predictions for 2012:
- -Cyberattacks in 2012 are expected to focus on mobile devices (source: McAfee).
- -Global spending on cyber warfare for 2012 is estimated at $15.9 billion (source: Visiongain).
- -Cyberattacks targeting specific organizations in specific industries are expected (source: Symantec).
- -Cyber threat intensity increased 2.6 times in 2011 and is expected to grow faster in 2012 (source: Technolytics).
- -Cyber espionage will dominate corporate and national information security landscapes this year (source: Panda Labs).
Analysis of the five cyber threat predictions paints a bleak picture for cybersecurity in 2012. The threats seem extremely challenging, if not a bit overwhelming. We are seeing the modernization of armed conflict and, at this point, there are more questions than answers.
The administration’s budget cuts have had a minimal effect on the funding for the U.S. cyber warfare capabilities; however, it is clear that the sheer number of cyber adversaries coupled with the massive number of sole practitioners involved in vulnerability identification and sale combine to challenge the U.S. military’s operational abilities to defend against the increasing frequency and sophistication of cyberattacks.
Posted on Jan 12, 2012 at 8:36 AM0 comments
A number of references lately compare cyber weapons with the nuclear arms race of the Cold War. Although our recent cyber situation and what we experienced during nuclear weapons development each represent an arms race, that is where the similarities end. Consider this; the latest threat intelligence on nuclear weapons shows that even with some being dismantled in 2010, there are still more than 22,000 total nuclear warheads in the world owned by nine different countries.
Cyber threat analysis indicated that with the average the malware proliferation in 2010, the creation of 22,000 cyber weapons would take only 2.5 hours to create compared with the years it took to develop the current number of nuclear weapons.
Nuclear warhead owners
- Russia
- United States
- France
- China
- United Kingdom
- Israel
- Pakistan
- India
- North Korea
According to version 3.0 of the Cyber Commander’s eHandbook, nearly 180 countries have cyber weapons along with more than a dozen terrorist groups as well as a number of criminal organizations. Think about the massive infrastructure needed to develop a nuclear weapon and also a rocket to move the warhead from launch point to its intended target. Now consider the infrastructure needed to develop a cyber weapon, which is next to nothing. Nuclear weapons require highly enriched uranium, in contrast to cyber weapons that require no restricted or exotic materials. Finally, compare the cost of developing nuclear weapons versus the cost of developing cyber weapons. The U.S. nuclear weapons program spent $5.8 trillion between the early 1940s and 1996 alone. An ad that appeared on a hacking board stated 24-hour distributed denial-of-service of any website for $599 – what a bargain.
There is no comparison. The broad availability of cyber weapons and their modest cost clearly differentiate the cyber arms race from what we experienced in the Cold War. It is time we treat this for what it is – something new and different.
Posted on Jan 05, 2012 at 6:54 AM1 comments
The growing dependency on information systems and devices continues to grow. This growth has increased the need for cybersecurity staff members to provide defenses against a plethora of cyber threats that we face. The National Institute of Standards and Technology recently projected that by 2015, the United States will need 700,000 new cybersecurity professionals.
Where will we get all these resources? According to the 2011 QS World University Rankings for Computer Science and Information Systems programs, the top five countries and the number of universities they have in the top 50 are:
- 1. United States, 21.
- 2. United Kingdom, 6.
- 3. Australia, 5.
- 4. Canada, 4.
- 5. China, 3.
We have world class university programs that provide the foundation for those studying cybersecurity and equally as important is continuing education. As the cyber threat environment continues adapt to the defense measures we put in place and leverage new and creative methods of attack, cyber defenders must update their knowledge and skills on nearly a continuous basis. This represents a significant difference from the mental models of education that are somewhat ingrained today.
Continuing education and ongoing training are critical to effectively working in the cybersecurity field. As technology continues to advance and new products and services emerge, the challenge of security in the connected environment will change and become more challenging as the diversity of the hardware and software increases. Integrating ongoing cyber training into the job descriptions and employment agreements must begin now. We do not have a choice, we must take action now to ensure we have those 700,000 cybersecurity professionals and continue to update the cybersecurity workforce and also the training programs our future cybersecurity workers will need.
Posted on Dec 22, 2011 at 6:46 AM0 comments
While working on the latest cyber situation report, I couldn’t help but notice the significant increase in the cyber threat when compared with the threat rating in 2010. For those unfamiliar with the term, a cyber situation report is defined as a regularly scheduled update to an existing report or an ongoing status of an event or threat related to cyberspace. It is issued as conditions change or events begin to unfold. This is a communications method used to keep those with a need to know up to date.
The area seeing one of the larger increases in activity over that in 2010 are the numerous warnings that are being released. An increased amount of research and threat analysis has alerted digital asset owners, critical infrastructure providers and others to the real threats and vulnerabilities that could expose these organizations to acts of espionage, sabotage and attacks.
The subcategory gettting the most concern is mobile devices. It is hard to pick up a technical publication and not see one or two articles on this topic. The second area receiving a fair amount of attention is cloud security. The adoption of this model of computing services has security practitioners calling for security to be built in and not treated as an afterthought, as is often the case.
Although there are still those who believe this threat is overblown, the overwhelming majority recognize the threat, and several believe the current state of defensive measures falls short. Many believe it will take a cyberattack that disrupts our normal way of life before the threat will be properly addressed.
Posted on Dec 15, 2011 at 5:25 AM0 comments