Preparing for Cyberwar
“At a stroke, computer systems, power grids, industrial production and financial markets could fail, with untold consequences for civil governance and social cohesion: an electronic Pearl Harbor and all without a conventional shot being fired. And this isn’t just academic hypothesis,” warned former Deputy Commanding General of coalition forces in Iraq, Sir Robert Fry, in an article in the Wall Street Journal this morning.
The traditional methods of waging war have shifted, Fry asserted, adding: “Cyber operations are the next weapons of mass effect, or, as more than one wag has put it, ‘weapons of mass disruption.’”
Meanwhile, NPR reports that the US may need to up the ante if it plans to fend off a potential war in cyberspace.
“We don’t have sufficiently bright people moving into this field to support those national security objectives as we move forward in time,” veteran cybersecurity expert James Gosler, a former member of the CIA, the National Security Agency and the Energy Department, told NPR’s Tom Gjelten.
Making an estimate, Gosler noted: “There are now only 1,000 people in the entire United States with the sophisticated skills needed for the most demanding cyberdefense tasks. To meet the computer security needs of US government agencies and large corporations, a force of 20,000 to 30,000 similarly skilled specialists is needed.”
But increasing an internal security staff might not be the only way to prevent potential cyber threats. Another way? Offer a bounty.
According to a report by Federal News Radio, tech titan Mozilla, known for its Web browser Firefox, will offer $3000 to researchers who find security bugs, or holes, in its products. “We hope other organizations will match our program and actively support constructive security research,” Mozilla noted on its blog.
And while it may not be offering a bounty, the Department of Commerce is also taking new cybersecurity precautions. As reported by The Hill, Commerce has “teamed up with the private sector entities that manage the Domain Name System (DNS) to deploy an internationally recognized security… The goal is to encourage adoption of the security standard at every level of the Internet infrastructure from ISPs to local network providers.”
“Improving the trustworthiness, robustness and scaling of the Internet’s core infrastructure is an activity that lines up strongly with [Commerce’s] National Telecommunications and Information Administration (NTIA) mission,” said Patrick Gallagher, director of the Department’s NTIA program.
And across the ocean, the Indian Army is also preparing for cyberwar. According to an article by The New New Internet, “The Indian military is currently concerned by the threats coming from Chinese and Pakistani espionage agencies, utilizing cyberspace to conduct espionage.”
Reporting that the number of cyber attacks in India has “dramatically increased,” the article noted that the Indian military is “battling cyber attacks with capabilities of the ‘highest standard.’”
Additional cybersecurity news follows:
Virus appears to seek manufacturing, utilities’ top-secret data (San Francisco Chronicle)
Bottom Up Review promises a more active DHS in federal cybersecurity (FierceGovIT)
Is cybersecurity getting the attention it needs? (GovInfoSecurity)
Companies unaware of cyber attack threat (eSecurity Planet)
Fixing the human capital issue in cyber (The New New Internet)
New cybersecurity degree program designed to fill workforce needs (USA Today)
Global Crossing telecommunications gears up for cyber push (Washington Post)
This is my take on the WSJ story:
National Cybersecurity, Politicians, Black Hat Magic and White Lies – http://wp.me/pTkQI-iu
And this is my take on the NPR story:
Cyberwarrior 1000: The U.S. is not Sparta – http://wp.me/pTkQI-Cx
One thing people need to keep in mind is that not all compromises involve exploiting product security holes. People’s actions are still a big contributor to the computer security problem.