Page 30 - CDM-Cyber-Warnings-January-2014
P. 30
The U.S. is in a cyber-arms race …that only politicians can get us out of… I recently wrote an article for the upcoming print edition of Cyber Defense Magazine’s annual RSA issue titled Proactive Homeland Cyber-Security? It’s going to take a ‘cyber-9/11’ terrorist attack for the U.S. to get really serious about cyber threat. The article provides a candid assessment that U.S. Government and Industry aren’t prioritizing cyber threat for various reasons, the main one being it is just not that important yet. I posit further in the article that it is going to take a “cyber 9/11” for this country to get really serious about cyber threat management. That article however, is a topic for later discussion. Before sending the “cyber-9/11” article on to the editor’s desk, I passed it on to an InfoSec colleague for feedback. This colleague is a well-respected mobile risk management consultant in the cyber threat management space who engages frequently with both government and industry clients. Upon seeing my comment in the article that China is amassing an army of cyber-terrorists (that by now numbers more than 2,000 strong), he replied with the following food for thought: “Is this in response to the U.S. Government’s militarization of the Internet?” We have all heard by now the stories about NSA tactics to keep our borders safe? We have heard Snowden’s side of the story. But what we haven’t heard about are the electronic surveillance tactics the U.S. Government uses against foreign governments, albeit friend or foe. This InfoSec colleague estimates that the U.S. Government allocates much more budget than China does to the militarization of the Internet. One could argue that China’s army of cyber- terrorists is a response to growing U.S. online covert activity against foreign governments. It is hard to determine which came first, but it is clear that we know little of the type and magnitude of the snooping U.S. Intelligence imparts on other governments. President Obama’s NSA Reform speech given at the Department of Justice this month (January 17, 2014) begins with Revolutionary War leaders patrolling the streets for Colonial (pre-nation, mind you) intelligence on the enemy and this is a great analogy as it brings to light the need for intel on the enemy to keep our citizens safe. Mr. Obama gives a compelling speech that is well received across nearly all political factions and the reforms suggested for the most part make great sense. Mr. Obama spends a few minutes on foreign intelligence and stated that “ordinary citizens in other countries have confidence that the United States respects their privacy too.” For governments abroad, the president merely stated that no one expects Russia or China to show any transparency about their surveillance practices, yet he stopped short of suggesting the U.S. would either. And then the speech ends. Just a few words of the entire speech allocated to foreign dignitary privacy. The point here is not the speech. And though I believe Mr. Obama gave a great speech, there was little mention of the threat to U.S. Government and Industry on intellectual property that is breached daily that by some estimates, exceeds trillions of dollars each year. The president + % %! ! & , ! . !( %+ ' "! "#+% ' - + % !& , ! % '& % & %) *"% *
