Wednesday, February 03, 2010

DNI Blair Leads with APT as a "Wake-Up Call"

AFP is one of the few news outlets that correctly focused on the key aspect of testimony by US Director of National Intelligence Dennis Blair at yesterday's US Senate Select Committee on Intelligence hearing. In his testimony, DNI Blair began his Annual Threat Assessment of the US Intelligence Community with the following. I highlight "began" because this section wasn't buried in the middle of the document. He discussed digital threats right from the start.

The national security of the United States, our economic prosperity, and the daily functioning of our government are dependent on a dynamic public and private information infrastructure... This critical infrastructure is severely threatened.

The recent intrusions reported by Google are a stark reminder of the importance of these cyber assets, and a wake-up call to those who have not taken this problem seriously...

I am here today to stress that, acting independently, neither the US Government nor the private sector can fully control or protect the country’s information infrastructure...

The existing balance in network technology favors malicious actors, and is likely to continue to do so for the foreseeable future. Sensitive information is stolen daily from both government and private sector networks, undermining confidence in our information systems, and in the very information these systems were intended to convey.

We often find persistent, unauthorized, and at times, unattributable presences on exploited networks, the hallmark of an unknown adversary intending to do far more than merely demonstrate skill or mock a vulnerability...

Many have the capabilities to target elements of the US information infrastructure for intelligence collection, intellectual property theft, or disruption...


I'm sure a few readers keyed on the terms "unattributable" and "unknown". Only in the section on China did DNI Blair mention a country that "pose[d] challenges to its neighbors and beyond" with respect to cyber activities. He said:

The PLA’s capabilities and activities in four key areas pose challenges to its neighbors and beyond Taiwan, including China’s military relationships across the developing world; China’s aggressive cyber activities; its development of space and counterspace capabilities; and its expansive definition of its maritime and air space with consequent implications for restricted freedom of navigation for other states...

The other section where "cyber" was mentioned appeared in the International Organized Crime material:

International organized crime (IOC) is threatening US interests by forging alliances with corrupt government officials, undermining competition in key global markets, perpetrating extensive cyber crimes, and expanding their narcotrafficking networks...

International criminal organizations are likely to become more involved in cyber crimes, raising the risk of significant damage to the global financial and trust systems—banking, stock markets, and credit card services—on which the global economy depends.


I highlight the criminal aspect to remind everyone that cyber crime is a real problem that should not be forgotten!

I'm sure there are readers who will dismiss this as "Beltway propaganda," but I think it's important to realize what the nation's top intelligence official -- surely a "grown up" by anyone's standards -- has to say to the Senate about recent digital intrusions.

6 comments:

Anonymous said...

Did he give any specifics on how to deal with the problem?

Rob Lee said...

This is wonderful in every way. Cybersecurity has never seen this much coverage. Although I am quite confused about one item. Where is our recently appointed Cyber-Security Coordinator, Howard Schmidt? Given the level of attention over the past few weeks from Secretary Clinton and now DNI Blair, this seems to be the perfect opportunity for Mr. Schmidt to leverage a new cybersecurity agenda. He could use the new found national attention to these challenges in a way to show some true leadership. Mr. Schmidt, a crisis is a terrible thing to waste.

nr said...

Reference:

Annual Threat Assessment/Statement for the Record for the Senate Select Committee on Intelligence

gunnar said...

Not sure what everyone is worried about, we already got our revenge on China, we sent them Stephon "get in the van" Marbury

http://www.youtube.com/watch?v=_g2seBh-P_U&feature=player_embedded

Keydet89 said...

We often find persistent, unauthorized, and at times, unattributable presences on exploited networks, the hallmark of an unknown adversary intending to do far more than merely demonstrate skill or mock a vulnerability...

I really don't know if this was intended to be new; I hope not, because, really, it isn't. Persistent and unauthorized isn't at all new...add to that "undetected due to lack of visibility or management...", and many of the other things that've been said time and again over the years.

The existing balance in network technology favors malicious actors...

Again, this really isn't anything new, with the minor exception that this should read, "...in network technology implementation..."; in many cases, it isn't the technology itself but the fact that it isn't implemented correctly...

Michael Cloppert said...

A bit late to the party, but I'd like to add it's incredibly concerning and frustrating that CNN news reports are a wake-up call to the DNI, but not the past half-decade of reporting and noise-making from the DoD, IC, and defense industrial base about these problems. Is the communication breakdown that bad? Is the trust in those closest to the problem that low?

If media coverage is the only way for the government to pay attention to serious problems, it sends a dangerous message to those closely tracking these issues: exposing publicly these problems is of far greater value than going through proper reporting channels. When this happens, operational security risks being compromised. That's not to say these issues shouldn't be made public -- I am truly a supporter of responsible disclosure. But in an environment characterized by espionage, such revelations must be made with coordination, care and due diligence. This is not the path we are currently on.