Cyber War – Starting with a Blackout, Not a Boom

Nov
16
Posted on November 16, 2009 by Pete Schlampp - VP of Marketing and Product Management

Those of us who work in cyber security understand what the future could hold for cyber warfare. We see how technology, like any asset, in the wrong hands can be used for inappropriate, even evil, purposes.

Recently, 60 Minutes aired a cyber security broadcast “Sabotaging the System.” While the story might seem sensationalized to some (they are after ratings), make no mistake the next big war may just begin with a blackout, not a boom.

President Obama has made cyber war defense a top national priority because cyber threats are one of the most serious economic and national security challenges we face as a nation. Every major defense agency, including the Departments of Defense, State, Commerce, Energy and NASA, has been infiltrated.

Jim Lewis, director of the Center for Strategic and International Studies, told 60 Minutes: “They can disrupt critical infrastructure, wipe databases. We know they can rob banks. So, it’s a much bigger and more serious threat. “In 2007 we probably had our electronic Pearl Harbor. It was an espionage Pearl Harbor. Some unknown foreign power, and honestly, we don’t know who it is, broke into the Department of Defense, to the Department of State, the Department of Commerce, probably the Department of Energy, probably NASA. They broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information.”

As I watched the 60 Minutes episode, I wasn’t at all surprised that more than two years later, the nation’s security experts are still uncertain and will probably never know who hacked these systems. This is why we at Solera Networks feel so strongly about the importance of active network forensics and dynamic defense.

Those of us who work in cyber security understand what the future could hold for cyber warfare. We see how technology, like any asset, in the wrong hands can be used for inappropriate, even evil, purposes.

Recently, 60 Minutes aired a cyber security broadcast “Sabotaging the System.” While the story might seem sensationalized to some (they are after ratings), make no mistake the next big war may just begin with a blackout, not a boom.

President Obama has made cyber war defense a top national priority because cyber threats are one of the most serious economic and national security challenges we face as a nation. Every major defense agency, including the Departments of Defense, State, Commerce, Energy and NASA, has been infiltrated.

Jim Lewis, director of the Center for Strategic and International Studies, told 60 Minutes: “They can disrupt critical infrastructure, wipe databases. We know they can rob banks. So, it’s a much bigger and more serious threat. “In 2007 we probably had our electronic Pearl Harbor. It was an espionage Pearl Harbor. Some unknown foreign power, and honestly, we don’t know who it is, broke into the Department of Defense, to the Department of State, the Department of Commerce, probably the Department of Energy, probably NASA. They broke into all of the high tech agencies, all of the military agencies, and downloaded terabytes of information.”

As I watched the 60 Minutes episode, I wasn’t at all surprised that more than two years later, the nation’s security experts are still uncertain and will probably never know who hacked these systems. This is why we at Solera Networks feel so strongly about the importance of active network forensics and dynamic defense.

If these agencies had comprehensive incident response plans and appropriate technology in place, they would have the capability to “rewind the tape” and likely identify what happened to specific files, data, etc., and take immediate steps to rectify the situation.

After this amount of time, not knowing how our nation’s assets were attacked, and the full scope of the attack, in my mind, is simply unacceptable. How are we going to stop the same person or group from compromising our nation’s security in the future if we have no idea who they are or how they attacked us.

With the nation’s security at risk, what is an appropriate response time? We can’t be comfortable with days, weeks, months…or never. We must settle for nothing less than swift, intelligent response.

If these agencies had comprehensive incident response plans and appropriate technology in place, they would have the capability to “rewind the tape” and likely identify what happened to specific files, data, etc., and take immediate steps to rectify the situation.

After this amount of time, not knowing how our nation’s assets were attacked, and the full scope of the attack, in my mind, is simply unacceptable. How are we going to stop the same person or group from compromising our nation’s security in the future if we have no idea who they are or how they attacked us.

With the nation’s security at risk, what is an appropriate response time? We can’t be comfortable with days, weeks, months…or never. We must settle for nothing less than swift, intelligent response.

Posted in Solera Networks |