Categories
Quick Analysis

The Cyber Threat

Speaking at the 2015 USSTRATCOM Deterrence Symposium recently, Dr. Brad Roberts, who served as  Deputy Assistant Secretary of Defense for Nuclear and Missile Defense Policy in the first Obama Administration, stated that cyber warfare capability is a key operational concept.

The New York Analysis of Policy & Budget reported in 2013 that “America faces a number of cyberspace threats. The most serious are from those wishing to engage in espionage to steal both military and technological secrets, and from those who wish to turn the nation’s own computer systems against it by dismantling defense systems and committing sabotage against key civilian infrastructure. Cyber attacks have escalated by 1,700% since 2009, costing intellectual property theft losses over $400 billion.

An armed attack following a cyber assault would be exceptionally effective. Key defense systems could be disabled, leading to a military that is deaf, dumb, and blind, defending a nation that may have its electrical, energy, water, transportation and other crucial systems heavily disrupted.

General Keith Alexander, the former commander of the U.S. Cyber Command, openly worried that the United States was not adequately prepared for a cyber attack. He noted that on a scale of  one to ten in preparedness, the U.S. was at about a three. He emphasized that the time to stop a cyber attack is less than a minute–far less time than preparing for an incoming missile attack.”

The Fireeye organization ‘s report, “Gazing into the Cyber Security Future” notes that “As the technology landscape evolves and attackers continue to adapt, we’re going to see new vulnerabilities to mobile, new operating systems and the cloud—and new ways for attackers to exploit these weaknesses. Preventing every breach is impossible.”

James R. Clapper, the Director of National Intelligence, reviewed  the 2015 cyber threat environment:

“Cyber threats to US national and economic security are increasing in frequency, scale, sophistication, and severity of impact. The ranges of cyber threat actors, methods of attack, targeted systems, and victims are also expanding. Overall, the unclassified information and communication technology (ICT) networks that support US Government, military, commercial, and social activities remain vulnerable to espionage and/or disruption. However, the likelihood of a catastrophic attack from any particular actor is remote at this time. Rather than a “Cyber Armageddon” scenario that debilitates the entire US infrastructure, we envision something different. We foresee an ongoing series of low-to-moderate level cyber attacks from a variety of sources over time, which will impose cumulative costs on US economic competitiveness and national security.

  • A growing number of computer forensic studies by industry experts strongly suggest that several nations—including Iran and North Korea—have undertaken offensive cyber operations against private sector targets to support their economic and foreign policy objectives, at times concurrent with political crises.

Developed as a viable alternative to order cialis professional , this medicine also contains Sildenafil citrate. Take viagra for sale india no more than one tablet daily and let 24 hour period pass by before taking another one. Continue reading healthier facts to use Here, we are going to explore the most commonly found medical illness called erectile dysfunction. discount pfizer viagra The medicine is actively prescribed as the same aids in causing improvement in the blood circulation that helps in flushing of blood across all muscles and primarily the penile muscles so as to provide harder erection during the intercourse. cheapest price on tadalafil
Risk. Despite ever-improving network defenses, the diverse possibilities for remote hacking intrusions, supply chain operations to insert compromised hardware or software, and malevolent activities by human insiders will hold nearly all ICT systems at risk for years to come. In short, the cyber threat cannot be eliminated; rather, cyber risk must be managed. Moreover, the risk calculus employed by some private sector entities does not adequately account for foreign cyber threats or the systemic interdependencies between different critical infrastructure sectors.

Costs. During 2014, we saw an increase in the scale and scope of reporting on malevolent cyber activity that can be measured by the amount of corporate data stolen or deleted, personally identifiable information (PII) compromised, or remediation costs incurred by US victims.

For example:

  • After the 2012-13 distributed denial of service (DDOS) attacks on the US financial sector, JPMorgan Chase (JPMorgan) announced plans for annual cyber security expenditures of $250 million by the end of 2014. After the company suffered a hacking intrusion in 2014, JPMorgan’s CEO said he would probably double JPMorgan’s annual computer security budget within the next five years.
  • The 2014 data breach at Home Depot exposed information from 56 million credit/debit cards and 53 million customer email addresses. Home Depot estimated the cost of the breach to be $62 million.
  • In 2014, unauthorized computer intrusions were detected on the networks of the Office of Personnel Management (OPM) as well as its contractors, US Investigations Services (USIS) and KeyPoint 2 Government Solutions. The two contractors were involved in processing sensitive PII related to national security clearances for Federal Government employees.
  • In August 2014, the US company, Community Health Systems, informed the Securities and Exchange Commission that it believed hackers “originating from China” had stolen PII on 4.5 million individuals.

Attribution. Although cyber operators can infiltrate or disrupt targeted ICT networks, most can no longer assume that their activities will remain undetected. Nor can they assume that if detected, they will be able to conceal their identities. Governmental and private sector security professionals have made significant advances in detecting and attributing cyber intrusions.

  • In May 2014, the US Department of Justice indicted five officers from China’s Peoples’ Liberation Army on charges of hacking US companies.
  • In December 2014, computer security experts reported that members of an Iranian organization were responsible for computer operations targeting US military, transportation, public utility, and other critical infrastructure networks.

Deterrence. Numerous actors remain undeterred from conducting economic cyber espionage or perpetrating cyber attacks. The absence of universally accepted and enforceable norms of behavior in cyberspace has contributed to this situation. The motivation to conduct cyber attacks and cyber espionage will probably remain strong because of the relative ease of these operations and the gains they bring to the perpetrators. The result is a cyber environment in which multiple actors continue to test their adversaries’ technical capabilities, political resolve, and thresholds. The muted response by most victims to cyber attacks has created a permissive environment in which low-level attacks can be used as a coercive tool short of war, with relatively low risk of retaliation. Additionally, even when a cyber attack can be attributed to a specific actor, the forensic attribution often requires a significant amount of time to complete. Long delays between the cyber attack and determination of attribution likewise reinforce a permissive environment.

Threat Actors:  Politically motivated cyber attacks are now a growing reality, and foreign actors are reconnoitering and developing access to US critical infrastructure systems, which might be quickly exploited for disruption if an adversary’s intent became hostile. In addition, those conducting cyber espionage are targeting US government, military, and commercial networks on a daily basis. These threats come from a range of actors, including: (1) nation states with highly sophisticated cyber programs (such as Russia or China), (2) nations with lesser technical capabilities but possibly more disruptive intent (such as Iran or North Korea), (3) profit-motivated criminals, and (4) ideologically motivated hackers or extremists. Distinguishing between state and non-state actors within the same country is often difficult—especially when those varied actors actively collaborate, tacitly cooperate, condone criminal activity that only harms foreign victims, or utilize similar cyber tools.

Russia. Russia’s Ministry of Defense is establishing its own cyber command, which—according to senior Russian military officials—will be responsible for conducting offensive cyber activities, including  propaganda operations and inserting malware into enemy command and control systems. Russia’s armed forces are also establishing a specialized branch for computer network operations.

  • Computer security studies assert that unspecified Russian cyber actors are developing means to access industrial control systems (ICS) remotely. These systems manage critical infrastructures such as electric power grids, urban mass-transit systems, air-traffic control, and oil and gas distribution networks. These unspecified Russian actors have successfully compromised the product supply chains of three ICS vendors so that customers download exploitative malware directly from the vendors’ websites along with routine software updates, according to private sector cyber security experts.

China. Chinese economic espionage against US companies remains a significant issue. The “advanced persistent threat” activities continue despite detailed private sector reports, public indictments, and US demarches, according to a computer security study. China is an advanced cyber actor; however, Chinese hackers often use less sophisticated cyber tools to access targets. Improved cyber defenses would require hackers to use more sophisticated skills and make China’s economic espionage more costly and difficult to conduct.

Iran. Iran very likely values its cyber program as one of many tools for carrying out asymmetric but proportional retaliation against political foes, as well as a sophisticated means of collecting intelligence. Iranian actors have been implicated in the 2012-13 DDOS attacks against US financial institutions and in the February 2014 cyber attack on the Las Vegas Sands casino company.

North Korea. North Korea is another state actor that uses its cyber capabilities for political objectives. The North Korean Government was responsible for the November 2014 cyber attack on Sony Pictures Entertainment (SPE), which stole corporate information and introduced hard drive erasing malware into the company’s network infrastructure, according to the FBI. The attack coincided with the planned release of a SPE feature film satire that depicted the planned assassination of the North Korean president.

Terrorists. Terrorist groups will continue to experiment with hacking, which could serve as the foundation for developing more advanced capabilities. Terrorist sympathizers will probably conduct low level cyber attacks on behalf of terrorist groups and attract attention of the media, which might exaggerate the capabilities and threat posed by these actors.

Integrity of Information

Most of the public discussion regarding cyber threats has focused on the confidentiality and availability of information; cyber espionage undermines confidentiality, whereas denial-of-service operations and data deletion attacks undermine availability. In the future, however, we might also see more cyber operations that will change or manipulate electronic information in order to compromise its integrity (i.e. accuracy and reliability) instead of deleting it or disrupting access to it. Decision making by senior government officials (civilian and military), corporate executives, investors, or others will be impaired if they cannot trust the information they are receiving.

  • Successful cyber operations targeting the integrity of information would need to overcome any institutionalized checks and balances designed to prevent the manipulation of data, for example, market monitoring and clearing functions in the financial sector.