U.S. in middle of cyber war with China, Russia?
Updated Thursday, Jan. 17, 2008, at 2:30 p.m. EST.
The Cold War may be over, but the global battle over information security is heating up, as
The New Yorker magazine published this week an interview with U.S. Director of National Intelligence (DNI) Mike McConnell in which it reported that the Defense Department currently is detecting about three million unauthorized probes on its computer networks every day. The State Department fends off two million probes daily, intelligence experts said in the article.
These probes often turn into full-scale attacks, the magazine reported, such as the assault last year on the Pentagon that resulted in 1,500 computers being taken offline. American allies also have been targeted: In May, the German government blamed the Chinese military after it discovered a spyware program had been planted inside government computers in several key ministries. Chinese officials called the accusation “preposterous.”
McConnell has made information security a top priority for the myriad intelligence agencies he oversees, including the NSA, CIA and the Pentagon's intelligence arm. The
In November, President Bush requested $154 million in funding for what is expected to be a seven-year, multibillion-dollar program to track cyber threats on both government and private networks. According to a report in the Baltimore Sun, the Department of Homeland Security and the National Security Agency are planning to assign up to 2,000 people from both agencies to monitor critical infrastructure networks to prevent unauthorized intrusion.
However, key members of Congressional oversight committees on national security have complained that they have not been adequately briefed by the administration on the cybersecurity initiative, and they have expressed concern that the program may not have adequate privacy protections.
The DNI said in the New Yorker article that Chinese computer attacks have intensified in recent months, while hacking activity emanating from
However, former White House cybersecurity adviser Howard Schmidt, president and CEO of R&H Security Consulting, cautioned that the sheer volume of the hacking probes coming out of China is not conclusive proof that these attacks are being directed by the Chinese government.
"There is no consensus [among security experts] that a nation-state is behind this," Schmidt told SCMagazineUS.com. "We don't know the motivation of the hackers and we don't know whose finger is on the keyboard. We shouldn't underestimate the ability of individuals to wreak havoc online."
Schmidt applauded McConnell's effort to limit access points between government networks and the internet, the first phase of which has been implemented by the federal Office of Management and Budget in an initiative called the Trusted Internet Connection project.
The former White House adviser also said concerns expressed in Congress regarding the impact of the administration's proposed cybersecurity effort on privacy should be fully debated before implementation. "There has to be transparency," he said.
As intense as the assault on
SANS Institute, in its annual listing of top 10 cyber menaces, this week put cyberespionage directed by foreign governments near the top of the list. SANS reported that
“In 2008, despite intense scrutiny, these nation-state attacks will expand,” SANS warned. “More targets and increased sophistication will mean many successes for attackers. Economic espionage will be increasingly common as nation-states use cyber theft of data to gain economic advantage in multinational deals.”
SANS said the “attack of choice” by foreign cyber warriors is a form of targeted spear phishing using attachments and well-researched social engineering methods to make the victim believe that an attachment comes from a trusted source. SANS also said overseas hackers are making use of newly discovered Microsoft Office vulnerabilities and hiding their techniques to circumvent virus checking.