(Translated from the original Italian)
The Flame case has raised questions about the real cyber warfare capabilities of every country, and we have spoken of the strong commitment by the Indian and German governments, praising the US capabilities for their involvement in operations such as the "Olympic Games" project.
But what are the real cyber capabilities of the United States?
No doubt the U.S. is among the main actors of an increasingly crowded cyberspace, and they have indisputable military capabilities in the field. However, the country is still too vulnerable to potential cyber attacks.
Despite the increased engagement in cyber warfare, the US must faces a crisis which has inevitable effects on the budgets allocated to defense. U.S. Defense Secretary Leon Panetta often has expressed concerns about the possibility of a major cyber attack against the US and its critical infrastructure.
The government is planning the cuts to defense budgets in the last decade, around $450 billion over a period of ten years. Persistent rumors speak of a further cut of $500 billion due an automatic mechanism of protection known as sequestration after members of Congress failed to reach an agreement to reduce the nation’s deficit.
The cuts represent a serious problem for the development of US capabilities in a delicate historical period, where principal enemies of the US such as Iran, China and also Russia are massively investing to acquire a strategic advantage under this perspective.
Secretary Panetta warned of the possible risks deriving from the cuts:
“It would guarantee that we hollow out our force and inflict severe damage on our national defense. I think you all recognize that sequester would be entirely unacceptable and I really urge both sides to work together to try to find the kind of comprehensive solution that would de-trigger sequester and try to do this way ahead of this potential disaster that we confront."
“I’m very concerned that the potential in cyber to be able to cripple our power grid, to be able to cripple our government systems, to be able to cripple our financial systems would virtually paralyze this country and as far as I’m concerned that represents the potential for another Pearl Harbor as far as the kind of attack that we could be the target of using cyber."
The scenario hypothesized by Panetta is realistic and dramatic, a cyber attack against a US critical system could represent a disaster. The possible source of the attacks could be foreign government, but also cybercriminals or cyber terrorists.
Every day thousands of attacks hit US networks, and the trend shows an increasing frequency, as cyber espionage is the most insidious cyber threat. To tackle this offensive it is necessary for continuous and huge investments in cyber defense capabilities.
Another question raised by the main military authorities is related to the enormous expenses for the campaigns abroad of American troops, first of all in Afghanistan where the cost of sending supplies into through alternate routes is about $100 million a month. If the economic situation is complex and dangerous, other clouds are gathering on US cyber warfare capabilities.
Leading cyber experts have alerted the US government of the shortage of talented computer security specialists for hire in the cyber security circuit. The research of these skilled experts is one of the first goals of a US administration that has promoted several projects such as Plan X.
According to estimates, the US is lacking tens of thousands of experts to allocate for activities related to cyber defense and cyber offense. Of course the shortage could represent a desirable opportunity of business for private companies, for example US defense contractor Northrop Grumman Corp has recently promoted the first undergraduate honors program in cyber security with the intent to be highly specialized in cyber warfare.
Government agencies are also trying to hire consultants from private industry, but in some cases security firms have refused to send their most talented cyber experts to avoid losing them.
According many experts, due to this reason, government project usually involve a "second level" of experts from private businesses, or they are locking down the main resources with special agreements.
According unofficial sources, government is also searching for experts in the cyber underground and attending hacker events all over the world.
Let me conclude with a declaration by Eugene Kaspersky ,CEO of Kaspersky Labs, on the actual cyber situation:
"Now we’re living in the era of cyber weapons. The world is different. Not just cyber hooligans, vandals. Not just criminals. But governments are in the game and I’m afraid for the worst, I’m still expecting, cyber terrorism.”
The involvement of government is critical,and the problems with US cyber defenses represents serious concerns. Cyberspace could soon become the reign of anarchy and the impact on the real world could be dramatic.
Cross-posted from Security Affairs