Homeland Security Watch

News and analysis of critical issues in homeland security

August 12, 2008

When Electrons Attack

Filed under: Cybersecurity — by James Carafano on August 12, 2008

~Guest Post~

Bombs and bullets are not the only things flying around in the Russia-Georgia war that broke out over the weekend. According to a recent story in The Telegraph, the Georgian Ministry of Foreign Affairs claimed “[a] cyber warfare campaign by Russia is seriously disrupting many Georgian websites, including that of the Ministry of Foreign Affairs.” That is not the first time Russia has been accused of cyber warfare.

A widely publicized cyber assault against Estonia in 2007 increased suspicion that Russia is using online malicious activity as a tool of national policy. The assault disrupted public and private Estonian information networks with massive denial-of-service attacks. The Estonia attacks targeted the Web sites of banks, telecommunication companies, media outlets, and government agencies, eventually forcing the country to block all foreign Internet traffic. Many Web sites were shut down by denial-of-service attacks, in which the attacker uses thousands of hijacked computers to bombard a Web site with useless information until it is overloaded. Estonia’s defense minister described the attacks as “a national security situation…. It can effectively be compared to when your ports are shut to the sea.” The Estonian and Georgian attacks testify to the disruptive power of a coordinated cyber offensive.

Russia is not the only one. China uses “cyber-spying” as a matter of course, and America is one of its prime targets.

U.S. government information systems are attacked every day from sources within the country and around the world. Some of these intrusions have been extremely serious, compromising security and costing millions of dollars. Penetration of computer networks at the National Defense University proved so pervasive that the university was forced to take the entire computer network offline and install new information system defenses.

These attacks come from states, criminal networks, “hacktivists” (online political activists) and other malicious actors.

In addition, bad people exploit the freedom of the Internet, terrorists included. They go online to gather intelligence, raise money, share tradecraft in chat rooms, and coordinate propaganda messages.

The lesson for the United States is to take the challenge of cyber threats seriously. The initiatives that will likely best serve the United States and its international partners in the cyber conflicts of the 21st century are those derived from private sector experience, emerging military and intelligence capabilities for conducting information warfare, and law enforcement measures for combating cyber crime. The U.S. needs a national framework that builds on these capabilities, encouraging them to collaborate and reinforce one another. These initiatives should include:

• Adopting best practices. Both government agencies, such as the National Institute of Standards and Technology, and the private sector continue to develop best practices and lessons learned. These can be effective tools. Ensuring that these are refreshed and applied should be government’s first priority.

• Employing risk-based approaches. All information programs must include assessments of criticality, threat, and vulnerability as well as measures to efficiently and effectively reduce risks.

• Fostering teamwork. Cybersecurity is a national responsibility requiring international cooperation. The United States must maintain effective bilateral and multinational partnerships to combat cyber threats.

• Exploiting emergent private sector capabilities. These may come from many sources, such as small companies and foreign countries. The U.S. government must become a more agile consumer of cutting-edge commercial capabilities.

• Focusing on professional development. Most government information programs underperform because, due to inattentive senior leadership, they lack clear requirements and hold unrealistic projections of the resources required to implement those requirements. National security professionals must have familiarity with a number of diverse security-related disciplines and practice in interagency operations, working with different government agencies, the private sector, and international partners.

• Developing robust offensive capabilities to respond to cyber attacks and malicious acts by either state or non-state threats using the full range of military, intelligence, law enforcement, diplomatic, and economic means.

What is needed, however, is not massive reorganization, massive government bureaucracy, massive infusions of government cash, or massive intrusions into the marketplace and the lives of Americans. What is needed is long-term commitment and sound initiatives based on better and faster acquisition of commercial services; better and smarter management of military, intelligence, and information technology programs; and better and sustained professional development of federal, state, local, and private sector leaders.

James Jay Carafano, Ph.D., is Assistant Director, Kathryn and Shelby Cullom Davis Institute for International Studies and Senior Research Fellow, Douglas and Sarah Allison Center for Foreign Policy Studies at The Heritage Foundation in Washington, DC.


2 Comments »

Comment by Brenden Kuerbis

August 13, 2008 @ 9:26 am

I would be cautious propagating the story that the Russian government is behind the recent Georgian attacks. At this point it is pure speculation:

Georgian Websites Under Attack – Don’t Believe the Hype

http://www.shadowserver.org/wiki/pmwiki.php?n=Calendar.20080812

Comment by William R. Cumming

August 14, 2008 @ 3:08 pm

Sooner or later one of these so-called cyber wars is going to reveal the dependency of the top tier defensive units on lower tier critical infrastructure. These wars should be studied in great detail for lessons learned. Example, records even of WWII are incomplete and US Treasury recently finished destroying all records of the financing of WWII so what we have we have and what we don’t we don’t. Since Congress seems to allow CIP to be ignored this is a tragedy waiting to happen. Good post Jay!
