Computer-basedattacks emerge as threat of future, general says:

Threats posed by cyber-attacks on computer networks and the Internet are escalating from large-scale theft of data and strikes designed to disrupt computer operations to more lethal attacks that destroy entire systems and physical equipment. “That’s our concern about what’s coming in cyberspace — a destructive element,” Gen. Alexander, who is also the director of the National Security Agency, the electronic spying agency, said in a speech at a conference on cyberwarfare.

Gen. Alexander said two cases illustrate what could happen in an attack. The first was the August2003 electrical power outage in the Northeast U.S. that was caused by a tree damaging two high-voltage power lines. Electrical power-grid software that controlled the distribution of electricity to millions of people improperly entered “pause” mode and shut down all power through several states. The example highlighted the threat of sophisticated cyberwarfare attackers breaking into electrical grid networks and using the access to shut down power. “You can quickly see that there are ways now to get in and mess with [electrical] power if you have access to it,” he said.

The second example was the catastrophic destruction of a water-driven electrical generator at Russia’s Sayano-Shushenskaya dam, near the far eastern city of Cheremushki, in August2009. Gen. Alexander said one of the dam’s 10 650-megawatt hydro-turbine generators, weighing more than 1,000tons, was being serviced and, by mistake, was remotely restarted by a computer operator 500 miles away. The generator began spinning and rose 50 feet into the air before exploding. The flood caused by the accident killed 75 people and destroyed eight of the remaining nine turbines.

A similar deliberate attack remains a huge problem, Gen. Alexander said, saying that destruction by cyber-attacks was outranked only by nuclear bombs or other weapons of mass destruction. In developing cyberwarfare strategies, Gen. Alexander said, the U.S. will respond to computer-based attacks as it will to other attacks. The government is adopting an “active defense” strategy aimed at bolstering the readiness of computer networks to respond.

Alexander Cites Need for Greater Cyber Defenses (defense.gov):

Citing the high rate of intrusions against Defense Department networks, the commander of U.S. Cyber Command today said his biggest concern is the threat of destructive attacks yet to be seen. A destructive attack from cyberspace “is coming, in my opinion,” Army Gen. Keith B. Alexander told military, government, industry and academic professionals at a conference here called “Maneuvering in Cyberspace. “It is a question of time, ”he said. “What we don’t know is how far out it is,” and whether it will target commercial infrastructure, government networks or mobile platforms.

Alexander, who also serves as director of the National Security Agency, recognized both the “tremendous opportunities and tremendous vulnerabilities” created through network-enabled technologies. Just as the United States has been on the leading edge in developing many of these capabilities, Alexander said it also needs to be a leader in defending against cyber threats. “We were the country that developed the Internet, the iPhone, the iPad [and] some of these other great technologies,” he said. “We ought to be the first to secure it.”

The cost of cyber crime to the global economy is estimated at $1 trillion. “What has been going on over the last few years in the network is the greatest theft that we have seen in history,” he said. Meanwhile, malware is being introduced at a rate of 55,000 pieces per day, or one per second. As troubling as these statistics may be, Alexander said his bigger concern is, “what’s coming: a destructive element.” Both the U.S. International Strategy for Cyberspace, issued in May, and the Defense Department cyber strategy, released in July, recognize the importance of defending U.S. networks. This includes taking offensive action in the event of a hostile attack.

For now, Alexander said his focus is on improving defenses to reduce that likelihood. “We live in a glass house,”he said. “In cyber, we have not yet solved the defensive portion. From my perspective, there is a lot we can do to face that before we take offensive actions.” U.S. Air Force personnel work in the Air Force Space Command Network Operations &Security Center at Peterson Air Force Base in Colorado Springs, Colorado in the July 20, 2010 file photo.

The Pentagon is about to roll out an expanded effort to safeguard its contractors from hackers and is building a virtual firing range in cyberspace to test new technologies, according to officials familiar with the plans, as a recent wave of cyber attacks boosts concerns about U.S. vulnerability to digital warfare. The twin efforts show how the President’s administration is racing on multiple fronts to plug the holes in U.S. cyber defenses. REUTERS/Rick Wilking.

JohnF. Bisner

Ing. & Analyst

Advertisements