Discussions and legislation centered on requiring intelligence agencies to share information with the private sector have once again come to the forefront. The Permanent Select Committee on Intelligence on Nov. 30 approved a piece of legislation that would expand a pilot program (the name of which was not disclosed) that's focused on sharing classified and sensitive threat intelligence with defense contractors.
Cyber defense is all about intelligence. Understanding the threat environment and being warned beforehand about possible cyberattacks is the foundation of cyber defense, which has become a fundamental requirement for critical infrastructure providers.
At a defense forum held in August, then Deputy Defense Secretary William Lynn pointed out the value of sharing cyber threat intelligence, stating, “Already the pilot [program] has shown us hundreds of signatures we wouldn’t previously have seen and stopped hundreds of attempted intrusions.” Programs such as this are also being considered for critical infrastructure providers. Many critical infrastructure providers in the private sector must create internal capabilities to deal with classified information which requires much more than just getting people cleared.
All this is positive and helps to manage cyber risks; however, there is a downside. Many intelligence leaks have been traced back to insiders. Whether accidental or purposeful, these leaks are really damaging and a proactive approach must be taken to stop this growing trend. Perhaps the best approach to manage this risk is continuously keeping security in the front their minds.
When it comes to cyberattacks and acts to cyber espionage, critical infrastructure providers and defense contractors are on the front lines. The seemingly relentless barrage of the cyber hostilities they experience mandates updating intelligence about the threat environment on a near real-time basis. Programs such as this that share intelligence represent a great step forward.
Posted on Dec 08, 2011 at 6:54 AM0 comments
A 12-page cyber policy report by the Defense Department has received a lot of attention around the world. DOD prepared the report for Congress. In the document, DOD left no doubt that if the United States were to fall victim to a cyberattack, all mechanisms of response were on the table, including the use of kinetic weapons. This certainly follows the lead set earlier this year by now retired Gen. James Cartwright, the former vice chairman of the Joint Chiefs, who stated that a cyberattack that takes out the power grid might be responded to with a missile attack.
This is the latest exchange in the cyber war of words that continues to heat up on multiple fronts. One has to conclude that this is a warning after several successful cyberattacks, a few of which have made it into the mainstream media. Previously, we have fallen victim to cyberattacks and responded with great restraint given the substantive arsenal of advanced cyber weapons the United States military has at its disposal. As you might recall, earlier this year DOD stated that computer sabotage coming from another country can constitute an act of war.
A show of power is often a great deterrence and in the cyber domain it is no different. It is highly likely with all that is going on in the cyber domain, such a display will take place in the not too distant future.
Posted on Dec 01, 2011 at 1:34 PM0 comments
The International Atomic Energy Agency has released its latest report about the current state of Iran’s nuclear program that's based on intelligence supplied by member states of the IAEA.
In this report, like many previous reports, the watchdog organization continued to raise concerns about a clandestine nuclear weapons program hidden from inspectors. The IAEA said Iran is not providing the necessary cooperation for it to completely rule out a military dimension to Iran’s nuclear initiatives.
Iran has a long history of deception and denial regarding its nuclear program that's reported to include nuclear weapons initiatives. On Nov. 11, the IAEA briefed 35 nations about this and showed satellite images, letters, diagrams and other documents to support its findings.
As news of this report became public, an intense discussion ensued about Stuxnet, the cyber sabotage program designed to disrupt Iran’s nuclear enrichment efforts. Stuxnet was a cyber weapon -- a worm -- that targeted the industrial process controllers used for Iran’s centrifuges. To justify their view that Stuxnet was a failure, some point to comments that by this time next year it is highly likely Iran will have developed a nuclear weapon. In contrast, others believe that if it was not for the Stuxnet cyberattack, Iran probably would have a nuclear weapon by now.
Stuxnet was designed to delay Iran. That it did. Others are questioning the value of Stuxnet and ask if the attack should have been more aggressive. Was the total cost of Stuxnet divided by program delay an acceptable value? Most say that any delay in the proliferation of nuclear weapons is worth it.
Posted on Nov 17, 2011 at 7:34 AM0 comments
A report released in early November by the National Counterintelligence Executive, the agency on point to mitigate the threat of foreign spying on the U.S. government, has created quite a stir.
The report named China and Russia as the top two countries conducting cyber espionage activities that pose an economic threat to the United States. One intelligence official called China the world's biggest perpetrator of economic espionage, citing the increase of sensitive data theft. The report went on to state that the attacks and resulting exfiltration of technology and industrial secrets are putting at risk an estimated $398 billion in U.S. research and development spending.
Rep. Mike Rogers (R-Mich.), chairman of the U.S. House Intelligence Committee, was very vocal about the testimony and publicly stated that China's cyber espionage efforts are at an “intolerable level.” Other media sources report he went on to call upon the United States and its allies to confront Beijing. Following years of reports that China is behind cyberattacks that have hit government research facilities, universities and the private sector, it appears some on Capitol Hill have reached the boiling point.
The big question that is being asked is what level of confrontation does Rogers have in mind? Are these attacks pushing us closer to the Cyber DEFCON 1 level? No one knows because we still have not defined what constitutes an act of cyber war, nor have we specified how we will measure and establish what we feel is an unacceptable level of impact from these cyber incidents.
Posted on Nov 10, 2011 at 9:57 AM0 comments