Government warns of looming cyberthreats

White House Director of National Intelligence Dennis Blair says the U.S. is severely under the threat of greater cyberattacks but believes we can rise to the challenge.

Blair appeared before a Senate panel on Tuesday to deliver the Annual Threat Assessment of the U.S. Intelligence Community (PDF). A statement of Blair's remarks to the Senate Select Committee on Intelligence was released for the record. While he focused mostly on non-cyberterrorism and similar threats, he led off with a stark report on the growing dangers and challenges of cyberwarfare.

Seeing the recent attacks against Google as a "wake-up call," Blair cautioned those who may treat the problem lightly. He also praised companies who report such incidents as they help Washington better understand the nature of cyberthreats that can affect the entire nation.

Blair detailed a laundry list of adversaries on the cyberwarfare front, including other nations, terrorist networks, and organized crime groups, all of whom have the knowledge and means to attack U.S. networks to disrupt operations and steal sensitive information.

"Terrorist groups and their sympathizers have expressed interest in using cyber means to target the United States and its citizens," said Blair. "Criminal elements continue to show growing sophistication in their technical capability and targeting. Today, cyber criminals operate a pervasive, mature on-line service economy in illicit cyber capabilities and services, which are available to anyone willing to pay."

Blair described how cybercriminals have gotten more savvy and sophisticated in their attacks. He pointed out the use of self-modifying malware, which sneaks past traditional security tools. The use of cell phones to conduct financial business has opened another target for criminals. Finally, the bad guys themselves are better organized, he said, as they continue to set up global networks to exchange information.

In his remarks, Blair highlighted two new global trends that leave us vulnerable. Network convergence, or the melding of voice, video, and data over a common network, should be nearly complete on a national scale within the next five years, he noted. But this convergence creates new opportunities for cyberattacks that could affect other parts of the country's infrastructure. Channel consolidation, or the ability to grab data on an individual through e-mails, search engines, social networks, and geotagging, increases the risk that our personal information and privacy can be exploited.

With all the mounting threats, what is Washington doing to protect the country? Blair pointed out that neither the government nor business can fully safeguard our vast digital information. But he feels confident that an increased focus on and greater investment in security can help the U.S. better meet this challenge.

Toward that end, Blair touted some recent initiatives. He noted that his intelligence team has been helping to develop a strategy that can be effective but still mindful of national freedoms. By integrating cybersecurity with counterintelligence, Blair believes the government is becoming better able to track and counteract cyberthreats. He also believes that the president's Cyberspace Policy Review has helped unify the key players and agencies in Washington responsible for cybersecurity.

Combating cyberterrorism has been a growing concern for the Obama Administration. Last spring, President Obama conceded that the country was not fully prepared to defend itself against this serious threat. As a result, the president ordered a shake-up of the government's cybersecurity efforts. One priority called for a new cybersecurity czar to help coordinate the nation's efforts. After a months-long search, the job was eventually handed to former security adviser Howard Schmidt in December.

[Suwanee_Guy]

It would be nice if the various ISPs started blocking known malware sites. Firefox browser uses the malware sites listing from stopbadware.org to alert the web surfer. I can't fathom why Microsoft Explorer doesn't follow the same. If various rogue servers that host these malware-phishing-hostage ware and the like, were blocked at the ISPs, then the internet would be safer overall. Once hosting servers start being blocked, then the responsible hosting services would start paying closer attention to the content of their clients web sites.

[bahern0526]

"The latest remarks from Director of National Intelligence Dennis C. Blair greatly underscore the critical threat cyber attacks pose on our nation?s information infrastructure as a top priority. However, while this ?cyber-Pearl Harbor? that Mr. Blair references is real and impending, our informational infrastructure is not the only thing at risk. Our operational infrastructure ? the very systems at the heart of the electric grid, controlling processing operations in chemical plants and oil refineries, controlling access to our water supplies and our transportation systems ? are equally at risk, and a cyber attack to this infrastructure can cause significant threats to public safety, such as environmental damage, disruptions in power, energy and transportation, and even loss of life. The public and private sectors both need to acknowledge these threats of crippling attack from increasingly sophisticated enemies and take swift steps to assure that our nation?s critical infrastructure is secured..? ? Brian M. Ahern, CEO, Industrial Defender, Inc

[n3td3v]

"The bad guys themselves are better organized, he said, as they continue to set up global networks to exchange information."

Isn't this a good thing? We should be helping to setup these global networks to exchange information so we can tap into their conversations and learn about the bad guys.

[number2fringe]

I just hope the government doesn't use cyber threats as a reason to censor the internet of potentially useful information. I've found the internet very helpful in finding information quickly that I couldn't find elsewhere.

[n3td3v]

Don't worry I'm sure U-S Intelligence have a "Cyber 9/11" in the pipe line to make measures like that socially acceptable and given the "OK".

Just like the failed christmas day bomber attempt that got full naked body scanners fast-tracked into U-S and UK airports without any public or political debate over it first.

These terrorist attacks are starting to become handy aren't they? We wouldn't of course accuse the intelligence services of exploiting terrorism or the fear of terrorism in any way, that would be ludicrous to suggest such a thing.

[disco-legend-zeke]

The impending (according to Homeland Security) terrorist attacks will certainly be coordinated with Internet hacks and DOSes.

Being unable to access information and news sites, or worse, redirected to phony pages would be very effective at multiplying the fear factor.