Many people did not realize that June was National Internet Safety month. During that time I was contacted a number of times by researchers and investigators and a common theme emerged from their many questions. The question was: Is our safety affected by the increasing threats in cyberspace? The answer was easy: Yes. That has been stuck in my mind ever since.
For years now a debate has been underway over the idea that terrorists could mount a cyberattack on computers and supervisory control and data acquisition systems that result in physical destruction. However, back in 1982 a Soviet pipeline exploded and the cause of the explosion has been attributed to a computer system attack (a cyberattack in today’s terms).
Sources have stated that the CIA inserted a logic bomb into the control system and that caused the Siberian pipeline to explode. The U.S. Air Force rated the explosion at the 3 kilotons level (the equivalent of a small nuclear weapon). Targeting a Soviet pipeline linking gas fields in Siberia to European markets, the operation sabotaged the pipeline's control systems with software from a Canadian firm that the CIA had doctored with malicious code. Thomas Reed, a U.S. National Security Council aide during that period disclosed the cyberattack in his 2005 book, At the Abyss.
The Stuxnet cyber incident was recent proof of the physical destruction aspect with reportedly more than 1,000 damaged uranium enrichment centrifuges being replaced in Iran’s nuclear enrichment efforts. Practically everyone is using Stuxnet as the case example. In fact, information has surfaced that China's fears of cyber attacks have been the primary driver behind their massive defense spending.
There have been whispers of incidents thought to be caused by a cyberattack that have resulted in the loss of life, but no formal acknowledgement has taken place. This is a huge safety issue and one that needs to be addressed before we all read about the loss of life due to a cyberattack in the headlines of our newspapers.
Posted on Sep 20, 2012 at 9:26 PM0 comments
On Sept. 5, Iain Lobban, who is the head of Great Britain's Government Communications Headquarters, which is a member of the British intelligence community, hosted a discussion with executives from the Financial Times Stock Exchange 100-listed companies. During that discussion he advised that businesses face and unprecedented threat from cyberattacks.
The amount of attention this topic has received has certainly increased over the past few years. This is not just filler content; there is substance to it, and there is good reason for the heightened coverage. Also on Sept. 5, cybersecurity icon McAfee released its Second Quarter Threats Report. In that report, McAfee acknowledged the largest increase in the identification of new malware strains in the past four years.
It is not just the frequency of attacks and amount of new malware, cybersecurity experts also have expressed concerns over the growing sophistication of the processes and methods used in the newer attacks. For years now, CIOs and CISOs have warned business executives about the threats they face from cyberattacks. Cyber crime has continually grown in frequency and sophistication, as well as cyberattacks being launched by terrorists, hacktivists, foreign countries and other entities. Cyberattacks have become so common, it seems as if businesses are beginning to treat them like they have come to treat inventory shrinkage. If you are not familiar with that term it is the dressed up verbiage used in place of the common terminology for shoplifting and employee theft.
Have executives become numb to the constant bombardment of Internet media coverage of cyberattacks? Are we now just treating the losses due to cyberattacks as a cost of doing business? It certainly looks that way.
Posted on Sep 13, 2012 at 9:26 PM0 comments
Well it happened. The U.S. national debt has reached $16 trillion (twelve zeros). America has had to spend an unprecedented amount of money to reach this level of debt. Many financial experts, political scientists as well as security experts and even some of our best military minds have warned that the greatest threat to the United States is our national debt.
They are not the only ones. According to a recent Gallup poll, more than 9 in 10 Americans are at least somewhat concerned about how much of our nation’s debt is held by China and other countries. This problem has the Democrats and the Republicans pointing fingers at each other and in an intense debate over what approach should be taken to address this issue. Should we tax our way out of this? Should we spend our way out of this? Should we cut taxes to spur investments? So who is right? None of them. This is a deep hole, and we must use every tool in our toolbox and some other techniques that we have used in the past to address this issue.
So other than the tax and spend debate, what path can lead us out of this mess? We need another technology revolution like the ones we have seen in the past, but with learning from some of the mistakes that were made. Being a technology strategist coming out of Netscape, I openly admit my bias. If you look at the areas of technology that come to mind they include:
* Biotech. This is way too regulated to significantly contribute in the short-term.
* Infotech. The current outlook for breakthroughs is nothing more than buffing and polishing what we have already.
* Material science. This would be supported by molecular manipulation via nanotechnology.
I believe the answer lies in the area of material science. Creating new materials that are lighter, stronger, and cheaper and with new highly desirable properties would likely spur the level of change needed to address our slow economy and huge debt. There is the challenge for those in the United States working in that field, and our challenge is to protect the intellectual property from theft via cyber espionage.
Posted on Sep 06, 2012 at 9:26 PM3 comments
At an AFCEA conference held in Baltimore in August, Marine LtGen Richard Mills, who led international forces in southwestern Afghanistan between 2010 and 2011, said during his briefing that U.S. commanders now consider cyber weapons another weapon in their arsenal to prosecute their missions.
In his comments he openly stated that as a commander in the Afghan War, he was able to use cyber operations with great impact. He went on to say that he used the cyber intelligence he had gathered to defend U.S. systems against the nearly continuous hostile cyberattacks designed to affect his operations.
If you really examine what Mills said, two very important observations can be drawn from these comments.
First and foremost, this is a huge accomplishment when it comes to opening up the minds of military leaders to the potential cyber weapons have when it comes to strategies, tactics and mission planning.
Second, most non-military personnel look at our adversaries in Afghanistan as unsophisticated combatants. Most have an image of roaming armed groups with automatic weapons and rocket propelled grenade launchers. Very few individuals have mental models of our enemy that include the capability to launch cyberattacks against our systems.
The best cyber intelligence comes from monitoring cyberattacks against our systems--both in theater and everywhere throughout the world. The mental model that suggests we should only be concerned about the cyber capabilities of top militaries around the world could not be further from reality. The recent disclosure of cyberattacks that disrupted the Iranian nuclear enrichment process has legitimized cyber weapons and their capabilities for those who were doubters.
Posted on Aug 30, 2012 at 9:26 PM0 comments