Too much hysteria over cyber attacks: US experts

Feb 15, 2011
Analyists at the National Cybersecurity & Communications Integration Center (NCCIC) during a media session at their headquarters in Arlington, VA in 2010. Overblown talk of a full-on cyber war between nations fueled by recent attacks like the computer worm Stuxnet could hamper Internet security efforts, officials and experts warned Tuesday.

Overblown talk of full-on cyber war between nations fueled by recent attacks like the computer worm Stuxnet could hamper Internet security efforts, officials and experts warned Tuesday.

Serious attention should be paid to threats of cyber attacks from hackers, spies and terrorist groups but not to the extent of mass hysteria, speakers at the premier RSA computer security conference in San Francisco said.

"Cyber war is a terrible metaphor," said White House cybersecurity czar Howard Schmidt. "Don't make it something it's not."

Online espionage and hacking are not new, and hyping incidents as warfare distracts computer security champions from critical jobs such as safeguarding power grids, financial systems, and medical networks, he contended.

"We are in the midst of a cyber war of words," Schmidt said. "Let's quit pointing fingers and start cleaning up the infrastructure."

Renowned computer security specialist Bruce Schneier of BT Group said that use of warlike tactics in online conflicts is fueling hysteria that has the world on the brink of a "cyber arms race."

"We are not necessarily seeing cyber war, but increasing use of warlike tactics in more general cyber conflicts," Schneier said. "I think that is what's confusing us."

He cited a Stuxnet computer virus evidently crafted to find and disrupt an Iranian nuclear facility as an Internet Age attack that smacks of warfare but arguably falls short.

"It is not war," Schneier said. "It is in the middle somewhere."

Fears of cyber war are driving a needless cyber arms race that brings with it the danger that software weapons might accidentally be released, he argued.

"We haven't seen offensive cyber weapons companies, but they are coming," Schneier said. "Big defense contractors are working on this; you know they would be dumb not to."

The most prevalent cyber threat has been theft of information from networks, US Deputy Secretary of Defense William Lynn said in a keynote address to the gathering.

Foreign spy agencies have accessed military plans and weapons systems designs, while source codes and intellectual property have been swiped from businesses and universities, according to Lynn.

Attacks on computer networks have thus far been "relatively unsophisticated" and short in duration, the defense official said.

An emerging threat is that cyber tools will cause real-world damage, according to Lynn.

"The threat is moving up a ladder of escalation, from exploitation to disruption to destruction," he said.

Foreign spies have focused on mining US networks instead of disrupting them, according to Lynn.

"Although we cannot dismiss the threat of a rogue state lashing out, most nations have no more interest in conducting a destructive cyber attack against us than they do a conventional military attack," Lynn said.

"The risk for them is too great."

US defense officials are more worried about an accidental release of "toxic malware," he explained.

"Perhaps the greatest concern in our judgment is a terrorist group that gains the level of disruptive and destructive capability currently possessed by nation-states," Lynn said.

Terrorist groups could craft their own cyber weapons or buy them on the black market, he added.

"As you know better than I, a couple dozen talented programmers wearing flip-flops and drinking Red Bull can do a lot of damage," Lynn told the gathering of software savants.

"We have to assume that if they have the means to strike, they will do so."

Cyber commandos are being trained in the military, and the US is reaching out to allies to form collective online defenses, he said.

Lynn called on specialists in the computer security industry to team with the military to defend the nation's networks.

"The government cannot protect our nation alone," Lynn said. "It is going to take a public-private partnership to secure our networks."

Explore further: Startups offer banking for smartphone users

add to favorites email to friend print save as pdf

Related Stories

US urges NATO to build 'cyber shield'

Sep 15, 2010

NATO must build a "cyber shield" to protect the transatlantic alliance from any Internet threats to its military and economic infrastructures, a top US defence official said Wednesday.

'New arms race' taking shape in cyberspace: Van Loan

May 27, 2009

A "new arms race" is taking shape in cyberspace, Canada's security czar said Wednesday, lamenting ever bolder and more sophisticated attacks on government websites by Russia, China and others.

Obama setting up better security for computers

May 29, 2009

(AP) -- America has for too long failed to adequately protect the security of its computer networks, President Barack Obama said Friday, announcing he will name a new cyber czar to take on the job.

Recommended for you

Startups offer banking for smartphone users

Aug 30, 2014

The latest banks are small enough to fit in the palm of your hand. Startups, such as Moven and Simple, offer banking that's designed specifically for smartphones, enabling users to track their spending on the go. Some things ...

'SwaziLeaks' looks to shake up jet-setting monarchy

Aug 29, 2014

As WikiLeaks founder Julian Assange prepares to end a two-year forced stay at Ecuador's London embassy, he may take comfort in knowing he inspired resistance to secrecy in places as far away as Swaziland.

Ecuador heralds digital currency plans (Update)

Aug 29, 2014

Ecuador is planning to create what it calls the world's first digital currency issued by a central bank, which some analysts believe could be a first step toward abandoning the country's existing currency, ...

WEF unveils 'crowdsourcing' push on how to run the Web

Aug 28, 2014

The World Economic Forum unveiled a project on Thursday aimed at connecting governments, businesses, academia, technicians and civil society worldwide to brainstorm the best ways to govern the Internet.

User comments : 0