The Pentagon wants cyberweapons, and it wants them fast. Deftly recognizing that cyberweapons are nothing like the materiel of physical warfare, the DoD is devising a means to fast-track and field certain cyberweapons, some of which will take only days to go from development to deployment.
Generally we would shy away from "New Cold War" rhetoric, but sometimes it's hard not to draw comparisons. The ongoing cyber defense arms race and the establishment of an official cyber warfare strategy by the U.S.--and we all know specifically who that is aimed at--more or less smack of the old days when the U.S. and U.S.S.R. were trapped in that tenuous relationship held fast by the threat of mutually assured destruction. And now there's this: China Daily, in an editorial dated last week, is calling for a Sino-American cyber "red phone." All that's missing is cyber duck-and-cover drills.
The biggest hack ever discovered has been exposed by McAfee, and the breadth and depth would be impressive it wasn't so disconcerting: five years, at least 72 different governments, NGOs, and other organizations (including the United Nations and the International Olympic Committee) and reams and reams of secret data. Of course, McAfee believes there is a single "state actor" behind the attacks, but the company has declined to name it.
To combat cyber attacks, the U.S. may need more than new cyber defenses. It might need a whole new piece of Internet infrastructure. So says former CIA director Michael Hayden, who served under President G.W. Bush, and he’s not the only one. Several lawmakers and the current Cyber Command chief Gen. Keith Alexander are toying with the notion of creating a “.secure” domain where Fourth Amendment rights to privacy are voluntarily foregone in order to keep that corner of the Internet free of cyber criminals.
Hacks, cyber strategies, international cyber squads--we could just go ahead and dub this the "summer of cyber," and it's not even mid-June. On the heels of some high-profile hacks (including one at Lockheed Martin), a terse exchange between Google and China following a Gmail breach, and the U.S. DoD declaring that cyber attacks can be considered an act of war, NATO has now said it will develop a special cyber force.
Yet another wrinkle in the ongoing flood of cyber security stories emerging over the past couple of weeks: RSA Security--maker of those little keychain tokens that generate constantly changing passwords for users logging into secure networks--is offering increased security monitoring and the complete replacement of SecurID tokens to nearly all of its customers after evidence emerged that the recent cyber attack on Lockheed Martin was perpetrated in part using data stolen from RSA.
On the heels of a cyber attack that breached defense contractor Lockheed Martin’s network defenses last week, the Pentagon is opening the door to new means of dealing with cyber attacks perpetrated by foreign nations. In a new, formal 30-page cyber strategy document--unclassified portions of which will be made public next month--the Pentagon has deemed that cyber attacks can constitute acts of war, and that responses can include traditional military retaliation.
The recent WikiLeaks exposure was a huge black eye for the U.S. Department of Defense, supposedly one of the more secure state organizations we have working for us. Its impact clearly wasn’t lost on the Pentagon, whose blue sky research arm has launched a new project designed to ferret out malicious behavior on DoD networks. Named CINDER – Cyber INsiDER Threat – the project is designed not to sniff out people, but adversarial actions as they happen.
A former NSA computer espionage specialist has created a blueprint for destroying the United States's cyber defenses and bringing about "Internet Armageddon," and it doesn't take the kind of unmanageable resources one might think. Charlie Miller says that a devastating cyber attack would only require 2 years, roughly a thousand cyber-soldiers, and a mere $100 million.