The United States faces a "cyber Pearl Harbor...This is a pre-9/11 moment...the attackers are plotting." –Former Defense Secretary Leon Panetta
America faces a number of cyberspace threats. The most serious are from those wishing to engage in espionage to steal both military and technological secrets, and from those who wish to turn the nation's own computer systems against it by dismantling defense systems and committing sabotage against key civilian infrastructure. Cyber attacks have escalated by 1,700% since 2009, costing intellectual property theft losses over $400 billion.
An armed attack following a cyber assault would be exceptionally effective. Key defense systems could be disabled, leading to a military that is deaf, dumb, and blind, defending a nation that may have its electrical, energy, water, transportation and other crucial systems heavily disrupted.
Last July, General Keith Alexander, the commander of the U.S. Cyber Command, openly worried that the United States was not adequately prepared for a cyber attack. He noted that on a scale one one to ten in preparedness, the U.S. was at about a three. He emphasized that the time to stop a cyber attack is less than a minute--far less time than preparing for an incoming missile attack.
The Mandiant Corporation has released a scathing expose of China's aggressive, persistent and wide scale assault on American computer systems.
Beijing's armed forces are clearly at the center of the threat. Specifically, a shadowy unit of the People's Liberation most commonly known as Unit 61398.
According to the report, Unit 61398 has systematically stolen hundreds of terabytes of data from at least 141 organizations, and has demonstrated the capability and intent to steal from dozens of organizations simultaneously...[it] focuses on compromising organizations across a broad range of industries in English speaking countries... [and] maintains an extensive infrastructure of computer systems around the world."
General Alexander has noted that China's espionage efforts have resulted in "The greatest transfer of wealth in history."
The Department of Defense notes that China makes extensive use of stolen military technology, saving their armed forces billions of dollars and decades of time. Following major security breeches in the Clinton administration, including the transfer of a supercomputer, security measures were enhanced, but were loosened again under President Obama.
The unlimited extent of China's cyber prowess is clearly demonstrated by the fact that last October, it was acknowledged that computers used by both the White House itself, as well as the computers used by our strategic forces for nuclear commands, were breached by the Chinese. Fortunately, the attack was thwarted.
In a withering report on security at NASA’s Langley Center, Rep. Frank Wolf (R-Va.) has criticized NASA for hiring Chinese nationals and allowing them to bring advanced technological data home. According to Wolf,
“NASA officials spent several hundred thousand dollars to hire a Chinese national affiliated with an "entity of concern" at a federal center that is developing technologies that are priority targets for the Chinese government."
Arrayed against these threats is a branch of the Department of Defense created by the Commander of U.S. Strategic Forces called "USCYBERCOM," which became operational on May 21, 2010. According to its mission statement, CYBERCOM "plans, coordinates, integrates, synchronizes, and conducts activities to: direct the operations and defense of specified Department of Defense information networks and: prepare to, and when directed, conduct full-spectrum military cyberspace operations in order to enable actions in all domains, ensure US/allied freedom of action in cyberspace and deny the same to our adversaries."
The Department of Defense harbors no illusions that CYBERCOM can completely protect our defense assets. It notes that:
"Cyber is a complicated domain. There is silver bullet that will eliminate the threats inherent to leveraging cyber as a force multiplier, and it is impossible to completely defend against the most sophisticated cyber attacks. However, solving this problem is analogous to complex national security and military strategy challenges of the past, such as the counter U-boat strategy in WWII and nuclear deterrence in the cold War. The risks involved with these challenges were never driven to zero, but through broad systems engineering of a spectrum of techniques, the challenges were successfully contained and managed."
Comments