US struggles to pinpoint cyber attacks: Top official

Mar 10, 2009
National Intelligence Director Dennis Blair testifies before the Senate Armed Services Committee on Capitol Hill in Washington, DC. The United States often cannot quickly or reliably trace a cyber attack back to its source, even as rival nations and extremists may be looking to wage virtual war, Blair warned Tuesday.

The United States often cannot quickly or reliably trace a cyber attack back to its source, even as rival nations and extremists may be looking to wage virtual war, a top official warned Tuesday.

"It often takes weeks and sometimes months of subsequent investigation," said US intelligence director Dennis Blair, "and even at the end of very long investigations you're not quite sure" who carried out the offensive.

China, Russia and other countries already could be potent online foes and terrorists may find it easier in the future to hire to target key systems, Blair told the Senate Armed Services Committee.

"Terrorists are interested in using cyberweapons, just the way they're interested in using most any weapon they can use against us," notably to target systems critical to the high-tech driven US economy, he said.

"We currently assess that their capability does not match their ambitions in that area, although that's something we have to work on all the time because things become more widespread, terrorists can find hackers to work for them," he said.

"It is a concern, but right now I'd say their capability is low and, in addition, I think the more spectacular attacks that kill a lot of people on very publicly is what they are looking for," said Blair.

Blair told the panel, which was looking at to US interests, that Washington is "absolutely" trying to speed up what is now the "very slow and painstaking" process of determining who carried out a cyberattack.

(c) 2009 AFP

Explore further: Ebola.com domain sold for big payout

add to favorites email to friend print save as pdf

Related Stories

Hewlett Packard to create 500 jobs in Ireland

Mar 10, 2009

US technology company Hewlett Packard is to create 500 jobs with an 18-million-euro (23-million-dollar) expansion of its global service desk operation in Leixlip, County Kildare southwest of Dublin, Prime ...

Recommended for you

Ebola.com domain sold for big payout

17 hours ago

The owners of the website Ebola.com have scored a big payday with the outbreak of the epidemic, selling the domain for more than $200,000 in cash and stock.

Facebook goes retro with 'Rooms' chat app

Oct 23, 2014

Facebook on Thursday released an application that lets people create virtual "rooms" to chat about whatever they wish using any name they would like.

User comments : 6

Adjust slider to filter visible comments by rank

Display comments: newest first

brant
not rated yet Mar 10, 2009
Take away their internet.....
paulthebassguy
not rated yet Mar 10, 2009
The problem seems to me that there is too much bureaucracy in these investigations and not enough focus on the technological front line.
Arikin
not rated yet Mar 11, 2009
With such a large amount of traffic being routed through the USA, how are you going to track it?

We could do like China has and use packet sniffing at key intentionally created bottle necks in the routes.

In the end its a question of how much freedom and privacy you are willing to give up for security.
ealex
5 / 5 (1) Mar 11, 2009
We need more wiretapping. Obviously.

/* irony */

If government agencies would invest properly in security and training for it's personel, the majority of cyberattacks wouldn't even be possible.

Contrary to most people's views, you CAN be secure. You can't be 100% secure because there's always the human factor, trained or untrained, but the majority of cyberattacks are either on poorly secured software OR poorly secured workstations. Both of which are securable.

MGraser
not rated yet Mar 11, 2009
Perhaps it's time to revamp the communications protocol to something that allows better tracking/auditing. We've held onto IPv4, because I think everyone's nervous about trying to change such a global standard. However, if all the major players agree, coming up with a more accountable protocol might be the way to go. The current one works well, but is too open to modification, which is (I think) what allows these people to hide and deflect.
Arikin
not rated yet Mar 11, 2009
Mgraser, even old school techniques like connecting through several servers in a chain will work in IP6.

Or hiding by just spoofing your IP in IP4 isn't fool-proof. It just requires you to ask permission for the IP assignment info from several different private ISPs for their IP ranges.

But like ealex said, the human factor is the easiest way to get into a server and use it. Clicking yes to viruses, laziness in not updating/securing a server, trusting connections from others servers in your network, SIMPLE passwords or writing them down somewhere in your desk, etc.