Article By Tom Groenfeldt
Maybe I missed the US coverage, but the Financial Times surprised me with news of USCybercom, America's Cyber Command.
I have written about Richard Clarke, the former anti-terrorism chief under Presidents Bill Clinton and George W. Bush, who wrote about the dangers to the US in his new book, Cyber War.
He described the possibility of China's shutting down Chicago, from electric grid to water, sewer and traffic control, to persuade the US to lay off its support of Taiwan. The Chinese have already implanted computer controls in parts of the electric grid, he said.
USCybercom will be run by General Keith Alexander who testified before Congress as his confirmation hearing, but a lot of the testimony has been censored. He did say that the Pentagon's computer systems are probed 250,000 times an hour or up to six million times a day.
Clarke, who rang the alarm over cybersecurity, isn't entirely comforted by the new command.
As the FT reports:
"We created a new military command," he wrote, "to conduct a new kind of high-tech war, without public debate, media discussion, serious congressional oversight, academic analysis or international dialogue."
Misha Glenny, who wrote the FT story, says "so much of Alexander's testimony to Congress has been classified that nobody outside the Pentagon and the White House quite knows what the military cyber-strategy involves."
The task is immense. The FT story says the Pentagon runs 7 million computers across 15,000 networks to support 4,000 military installations around the world.
The vulnerability was demonstrated in 2008 when a solider in the Middle East stuck a contaminated USB sick into a Pentagon laptop and unleashed a mlaicious code that could transfer classified and unclassified information fom the US network to an alien server.
Glenny says the Stuxnet virus has ratcheted the game up a couple of notches. The virus, perhaps developed by Israel to target Iran's nuclear engineering program, is so sophisticated that even after several months computer experts haven't been able to fully decode it.
This is a story that anyone involved in security should read.
Cross-posted from CIO Zone