Published on Security Management (http://www.securitymanagement.com)
Are We Really Inching Toward Cybarmageddon?
By Matthew Harwood
Created 06/04/2009 - 16:18



    
Wrap-Up?: 
No
Weight: 
0
Lead Headline?: 
No
Date: 
06/04/2009
By Line: 
By Matthew Harwood
Teaser: 
With the release of President Barack Obama's report on cybersecurity last Friday, it seems apt to ponder a question posed by Wired.com's Threat Level blog: "Is the hacking threat to national security overblown?"


With the release of President Barack Obama's report on cybersecurity last Friday [1], it seems apt to ponder a question posed by Wired.com's Threat Level blog: "Is the hacking threat to national security overblown?" [2]


That question was asked by Threat Level Editor Kevin Poulsen at a recent panel discussion of cybersecurity experts during the Computers, Freedom and Privacy Conference 2009 [3] in Washington, D.C., yesterday.


Here's a summary of their answers:


Amit Yoran, a former Bush Administration cybersecurity czar, said the answer is yes, pointing to the crippling cyberattacks on Estonia, attacks on government contractor Booze Allen Hamilton, and the recent cyberexploit against defense contractor networks holding information on the Joint Strike Fighter. Notably, Yoran argued a “Cyber 9-11 has happened over the last 10 years, but it’s happened slowly so we don’t see it.”


Dr. Herb Lin, a cyberattack expert at the National Research Council, said the threat from cyberattacks are very real but believes not enough attention is given to cyberespionage by the media because cyberterrorism and cyberwar receive more Web traffuc and sell more papers. Lin believes the U.S. needs the ability to effectively unleash cyberattacks against adversaries to deter and dissuade cyberspies and other cyberadversaries. "[W]e don’t consider spies inside the United States to be an attack on the United States," he said, adding "“Passive defenses alone are not sufficient. You have to impose costs on an attacker and maybe the only way to do that is a cyberattack yourself. The good guys have always had some sort of offense too.”




Poulsen, however, believes the threat is highly exaggerated and criticized calling cyberexploits and cyberattacks national security threats because then the attack information gets classified. “If we can’t publicly share info that the attackers already have — since it’s about them — then we are doing far more harm than good,” Poulsen said, because it denies IT security professionals the ability to learn from the attacks and counter them in the future.


♦ Security rockstar and blogger Bruce Schneier says the threat is real, but he seemed to agree with Poulsen that it can get overblown at times. Threats such as natural disasters and bad programming codes are still bigger threats to U.S. national security, he said.


Photo by solidariat/Flickr [4]


 


Related Resources: 
"Obama on Right Track on Cybersecurity, Former Official Says [5]," by Matthew Harwood, Security Management, June 1, 2009


"Witnesses Call for Better Information Security from Federal Government [6]," by Matthew Harwood, Daily Headline, May 20, 2009


"Dept. of Transportation: Air Traffic Control Systems Have Been Hacked [7]," by Matthew Harwood, Daily Headlines, May 8, 2009


"Cyberattacks from China and Russia Target U.S. Electrical Grid [8]," by Matthew Harwood, Daily Headlines, April 8, 2009


"Information Security Must Be a National Priority, Experts Say [9]," by Stephanie Berrong, Daily Headlines, March 13, 2009


"DHS Unfit to Run National Cybersecurity, Experts Say [10]," by Matthew Harwood, Daily Headlines, March 10, 2009


Thumbnail: 
Comments


    

    




  
Security Management is the award-winning publication of ASIS International, the preeminent international

organization for security professionals, with more than 37,000 members worldwide.


ASIS International, Inc. Worldwide Headquarters, 1625 Prince Street, Alexandria, Virginia 22314-2818 U.S.A.

703-519-6200 | fax 703-519-6299 | www.asisonline.org


ASIS


© 2012 Security Management

This site is protected by copyright and trade mark laws under U.S. and International law.

No part of this work may be reproduced without the written permission of Security Management.








    

    
Source URL: http://www.securitymanagement.com/news/are-we-really-inching-toward-cybarmageddon-005738

    
Links:
[1] http://www.whitehouse.gov/assets/documents/Cyberspace_Policy_Review_final.pdf

[2] http://www.wired.com/threatlevel/2009/06/cyberthreat/

[3] http://www.cfp2009.org/

[4] http://www.flickr.com/photos/justinwilson/3100664396/

[5] http://www.securitymanagement.com/../../../../../../news/obama-right-track-cybersecurity-former-official-says-005725

[6] http://www.securitymanagement.com/../../../../../../news/witnesses-call-better-information-security-federal-government-005645

[7] http://www.securitymanagement.com/../../../../../../news/dept-transportation-air-traffic-control-systems-have-been-hacked-005617

[8] http://www.securitymanagement.com/../../../../../../news/cyberattacks-china-and-russia-target-us-electrical-grid-005468

[9] http://www.securitymanagement.com/../../../../../../news/information-security-must-be-national-priority-experts-say-005346

[10] http://www.securitymanagement.com/../../../../../../news/dhs-unfit-run-national-cybersecurity-experts-say-005318