NSA and DoD Warn of Destructive Cyber Attacks

Monday, February 21, 2011



Varied opinions have been offered by security experts in regards to the proper semantics with which to frame the discussion surrounding the concept of "cyberwarfare".

Regardless of where you might fall on the spectrum of thought, which runs from "chicken little" on one end to "head in the sand" on the other, the top brass charged with defending the nation issued some stark warnings last week at the RSA Conference in San Francisco.

What is not disputed by experts is the reality that attacks on, and the defense of, information and communications systems will play significant a role in future conflicts.

"Few weapons in the history of warfare, once created, have gone unused. It is possible to imagine attacks on military networks or critical infrastructure-like our transportation system and energy sector-that cause severe economic damage, physical destruction, or even loss of life," Deputy Secretary of Defense William Lynn said in his keynote address.

Lynn's sentiments were echoed in a subsequent keynote address by NSA and Cyber Command director Gen. Keith Alexander at the gathering of information security solution providers and consumers.

"This is an important time. Most of the destructive tools being developed haven't been used; we need to use this window of opportunity to develop defenses," said Gen. Alexander.

Conversations about the scope and definition of "cybewar", and whether that term should be used to describe assaults on information systems at all, have largely centered around the Stuxnet virus since it debuted last year.

Stuxnet is a highly sophisticated designer-virus that wreaks havoc with Supervisory Control and Data Acquisition systems (SCADA) that provide operations control for critical infrastructure and production networks.

Leading theories indicate that the malware was probably produced to stifle Iran's nuclear warhead ambitions, but the virus has  been detected in at least eleven countries including the United States, China, India, Australia, the UK, and Germany.

Stuxnet is the first in-the-wild evidence of what the future of cyber offensives may look like: tailored computer code with a specific purpose that is nearly impossible to trace to any particular state actor.

Possibly Related Articles:
RSA SCADA Defense Cyberwar Stuxnet Headlines Infrastructure William Lynn Keith Alexander
Post Rating I Like this!
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.