The Future of Cyber Security and Cyber Conflict

As I write this there is evidence that the Russians are once again attacking another country through massive denial of service attacks. For a recap with analysis you will not see elsewhere, see The Kyrgyzstan Cyber Attack That No One Is Talking About.
This is not the first time that a major nation state has been accused of launching attacks like this. Russia has been implicated as responsible for two other large-scale attacks (Estonia and Georgia). In other investigations China has been implicated in sponsoring/supporting attacks designed to extract information. These are very serious high-end attacks that are hard to mitigate, but organized crime is also becoming increasingly capable, investing large amounts in R&D to sustain its ability to sap resources through cyber theft. In a recent example, a payment processing company called Heartland Security Systems admitted its security system had been breached and millions of credit and debit card numbers were extracted.

I've previously written about the government's response and many of us have been strongly supportive of the efforts and activities of Melissa Hathaway and the team of coordinators she assembled in government. Her approach has been viewed as very positive by all credible observers and it is good to know she will be continuing to work to make our nation safe in this area.

It was also good to see the approach of the Obama team posted on the Whitehouse.gov site. In a homeland security policy statement six key goals were articulated. They are copied below:

    Protect Our Information Networks

    Barack Obama and Joe Biden -- working with private industry, the research community and our citizens -- will lead an effort to build a trustworthy and accountable cyber infrastructure that is resilient, protects America's competitive advantage, and advances our national and homeland security. They will:

  • Strengthen Federal Leadership on Cyber Security: Declare the cyber infrastructure a strategic asset and establish the position of national cyber advisor who will report directly to the president and will be responsible for coordinating federal agency efforts and development of national cyber policy.
  • Initiate a Safe Computing R&D Effort and Harden our Nation's Cyber Infrastructure: Support an initiative to develop next-generation secure computers and networking for national security applications. Work with industry and academia to develop and deploy a new generation of secure hardware and software for our critical cyber infrastructure.
  • Protect the IT Infrastructure That Keeps America's Economy Safe: Work with the private sector to establish tough new standards for cyber security and physical resilience.
  • Prevent Corporate Cyber-Espionage: Work with industry to develop the systems necessary to protect our nation's trade secrets and our research and development. Innovations in software, engineering, pharmaceuticals and other fields are being stolen online from U.S. businesses at an alarming rate.
  • Develop a Cyber Crime Strategy to Minimize the Opportunities for Criminal Profit: Shut down the mechanisms used to transmit criminal profits by shutting down untraceable Internet payment schemes. Initiate a grant and training program to provide federal, state, and local law enforcement agencies the tools they need to detect and prosecute cyber crime.
  • Mandate Standards for Securing Personal Data and Require Companies to Disclose Personal Information Data Breaches: Partner with industry and our citizens to secure personal data stored on government and private systems. Institute a common standard for securing such data across industries and protect the rights of individuals in the information age.

Another goal was in the Defense portion of the Whitehouse.gov site, which called for DoD to lead in operational defense. It reads:

  • Protect the U.S. in Cyberspace: The Obama-Biden Administration will cooperate with our allies and the private sector to identify and protect against emerging cyber-threats.

My assessment of these seven goals: This is too important for us to kibitz on at all. Now is the time for us all to form up on these goals and execute. Collectively we have to move faster in all these areas if we are to lessen the impact of the thinking, changing, technologically advanced adversaries that face us. I only add that we should keep bold visions in mind. I really believe that security and functionality of IT are totally connected and should always be considered in the same breath. Both can be dramatically improved; this is not a zero-sum game where functionality is compromised by security. I believe our goal should be, as I've stated before, that the security and functionality of the federal enterprise will be improved by two orders of magnitude over the next 24 months. And I believe the cyber and CTO team of the new administration can deliver on that.

I also believe that DoD will continue to have a key leadership role in cyber, since that domain is increasingly being used by military adversaries, and our own military must be able to operate with knowledge that their IT systems are safe from adversary attack.

More later.

Bob Gourley

Partner at Cognitio Corp
Bob Gourley is a Co-founder and Partner at Cognitio and the publisher of CTOvision.com and ThreatBrief.com. Bob's background is as an all source intelligence analyst and an enterprise CTO. Find him on Twitter at @BobGourley
Comments

  1. I like the 6 points. I fully agree that we need to move faster. Alas, I'm not optimistic things can be "fixed" very rapidly, UNLESS there is a huge infusion of cash for the efforts. And that cash has to go to all involved in the fight. I've said all along that the government is not partnering enough with industry on these undertakings. There are many companies that would love to help out, but most of those same companies are struggling, and will have little to devote to this on their own. Some organization from the top (Fed CTO?) would be good, but this is really going to take some grass roots efforts by lots of folks.

  2. Thanks Bob, I appreciate that and agree totally. This is going to take leadership and resources. If the government tracked its IT investments in a way that would let us calculate the value of current "legacy" computer systems it might be on the order of $500B or so. Do we want to replace all that right away so it can be more secure? That isn't in the budget. Even just making this old stuff more secure (not replacing it) will be costly. But it needs to be done.

  3. Hey Bob, thanks for the pointer to my Kyrgyz cyber attack post. The investigation is ongoing and I hope to have some conclusions posted soon.

  4. Jeffrey, thanks for bringing attention to these important operational cyber matters.
    Cheers,
    Bob

  5. AJ Clark says:

    Bob, good article. I see the real challenge as developing a Cyber Policy that frames the threat. Newton's III law of motion of every action having an equal and opposite reaction is seen every day online. Do we try to leap ahead to a point where true technological dominance is gained such as that which we have in aerospace and other battle spaces, or do we do a tit-for-tat fight like what we've seen with our more recent counter insurgency operations in low intensity conflicts? Either way, I applaud any government action that recognizes that we may already be losing ground in this conflict and must immediately address it by combining industry and government resources.
    aj

  6. AJ I'm with you on that, and I also think you invoke a good analogy when you mention aerospace. In that particular battlespace the analogy is good because in aerospace the country could dominate for 50 years because of strong partnerships with industry. We won WWII and the Cold War for lots of reasons including brave people but also because industry could out produce more technologically advanced capabilities than our adversaries. I hope the same will be true in cyber. To do so, maybe we need to treat our cyber industry with the same respect and partnership we treated our aerospace industry?
    Cheers,
    Bob
