60 Minutes on Cyber War: The True Threat of Cyber Attack

Ten years ago, 60 Minutes reported on the new threat of "cyber war." At the time, the story introduced the American public to a developing danger that would come to realization in the future. According to Sunday's program, that day has arrived. The television show dived back into the topic of cyber warfare and it was evident that not only has the threat arrived, but the United States is not prepared to face the attacks.

Retired Admiral Mike McConnell, the former chief of national intelligence and director of the National Security Agency, outlined the gravest threat to the U.S.'s critical infrastructure: our power grid.

"If I were an attacker and I wanted to do strategic damage to the United States I would take the cold of winter or the heat of summer and sack electric power on the East Coast...and hope for a cascading effect. All of this is in the art of the possible for a sophisticated attacker and the United States is not prepared for such an attack."

A few months ago President Barack Obama admitted that the U.S. electrical grid had already been probed by cyber intruders and acknowledged that another country had seen entire cities plunging into darkness due to cyber attacks. The president failed to mention which country had seen its electric grid shut down due to cyber attacks, but 60 Minutes reported that Brazil had experienced the attacks in 2005 and 2007. The actual perpetrators are unkown, but 60 Minutes acknowledged that there are now highly trained cyber warriors throughout the world poised to lead such attacks. (UDPATE: Raphael Mandarino Jr., director of Brazil's Homeland Security Information and Communication Directorate, told the newspaper Folha de S. Paulo that he’s investigated the claims and found no evidence of hacker attacks.)

Electronic Pearl Harbor

Awareness of the threat of cyber war started to take hold in 2007 according to Jim Lewis, a director at the Center for Strategic and International Studies. It was at that point the United States witnessed what Lewis called an "electronic Pearl Harbor," when unknown foreign entities conducted online espionage and broke into the Department of Defense, Department of State, Department of Energy, NASA and others, walking away with terabytes of information. Lewis also acknowleged that the intrusion into CENTCOM last December was the second major "wake-up call" for the government, as foreign entities penetrated the highly secure military system and remained inside the digital infrastructure for several days "listening" to all traffic and activities.

The full segment is embedded below and I encourage everyone to watch. Overall, the piece reiterates much of the information we have blogged about several times, but as I watched the piece I was reminded of comments made by BreakingPoint's Dennis Cox during the recent "Preparing for DDoS and Botnet Attacks" webcast:

Dennis warned about the threat to the electrical grid as a whole but expanded that threat to individual households as we see the continuing adoption of "eHome" technology such as online energy monitoring. This all being part of the cascading effect mentioned by Admiral McConnell.

Also during the DDoS/botnet webcast, I asked our experts why more wasn't being done to stop these attacks by the government or crime-fighting organizations. One of the answers was simple yet powerful. The perception remains that nobody is truly being hurt by these attacks, thus there is never a groundswell to take action. Jim Lewis called it "death by a thousand cuts" during the 60 Minutes segment. Unless we actually see the damage inflicted by cyber war we often will stand idly by and let the threat remain.

Reality Must Defeat Perception

In 2009 more than $100M was stolen from U.S. banks according to Sean Henry, assistant director in charge of the FBI Cyber Crime Division. Yet how many of those bank robberies have you heard of during this year? Henry continued:

"I've seen attacks where $10 million has been lost in a 24-hour period. If that had happened in a bank robbery where people had walked in with guns blazing it would have been headline news all over the world."

And this is where the problem lies today. We are faced with an imminent threat of cyber war and cyber crime, yet the perception remains that nothing is seriously wrong. Today however, due to the 60 Minutes piece, people are seemingly waking up to the threat and the serious damage cyber warfare and cyber crime have already inflicted. Will last night's show prove to be the tipping point for solidifying the cyber war battle lines or forgotten again as the news cycle churn us towards another topic?

As someone who is involved in this topic every day, I'm certainly rooting for the former and I think the piece will actually help in five distinct ways:

1. Put pressure on the Obama administration to begin taking action on securing our critical infrastructure including solidifying the cyber coordinator position.
2. Educate Congress on this threat so that more members become involved with pending and new legislation.
3. Create support for the emergence and success of such programs as USCYBERCOM and National Cyber Range.
4. Force everyday Americans to realize that the threat of cyber war is real and that we are all responsible in some way for defending against this invisible enemy.
5. Place some pressure on service providers and network equipment manufacturers to test equipment and services under true cyber war replication.

As promised, here is the full 60 Minutes segment:

Posted by Kyle Flaherty

Printer Friendly Create PDF

1 comments
Tags: