The Digital Threat
The frequency and sophistication of intrusions into government and civilian institutions have increased over the past ten years.(7) Every day, networks across the Internet are scanned and probed thousands of times.(8) Every year Verizon Wireless and the US Secret Service work together on a body of research aimed at determining the number of data breaches in the United States and their fundamental nature.(9) Since 2010 the number of data breaches has increased exponentially.(10) Here is a graphical representation of the types and instances experienced, as determined by the contributors to the 2014 Verizon report. (You can read the entire report here)
As you can see, the number of breaches attributed to hackers is growing at an alarming rate. Growth in malware attacks seems to be slowing but has not dipped in seven years. Breaches attributed to social engineering, such as email phishing, are also rising as hackers target specific people at large organizations. Typically, IT administrators with access to many systems are targeted. A real example of this phenomenon can be found in the recently published Snowden revelation by The Intercept regarding how the NSA targeted specific IT administrators at German satellite companies.(11)
Many people think and feel that internal threats reign supreme whenever breaches occur. This graph from the Verizon report quickly dispels that myth.(12)
Lastly, let’s look at what hackers are looking for when accessing and/or disrupting systems. It all boils down to money and to serving the self-interests of nation-state actors through traditional and economic espionage, according to this graph from the Verizon report.
As the scale of cyber warfare’s threat to the national security of governments and to the global economy has come into full view, a new multilayer approach and a robust defense strategy are necessary to combat this new asymmetric threat.(13) As authoritarian states (e.g. China and North Korea) develop more operational units to exploit security weaknesses and gather intelligence, there is an increased possibility and probability that a “Clash of Digital Civilizations” will occur.(14) Advanced technology infrastructure gives the United States and many countries advantages over any adversaries.(15) This reliance on computer networks, though, also potentially enables adversaries to obtain valuable and actionable intelligence about operations and capabilities, which could hamper economic stability and the operations of government.(16) I will demonstrate these vulnerabilities in more detail in the case study section of Part 3.
In May 2011 McKinsey & Company published a report titled “Internet Matters: The Net’s Sweeping Impact On Growth, Jobs, and Prosperity”, which concluded that the Internet is a force multiplier in domestic and global economic growth.(17) Internet security was identified as a key issue to be addressed by all global stakeholders.(18) Additionally, a security study report was published by the Institute for Foreign Policy Analysis, a Washington DC and Cambridge, MA think tank. It found that “At the same time that Internet networks are becoming an essential feature of military operations the number of hackers (states, non-state groups, and individuals) challenging U.S. networks is growing exponentially. It is vital that U.S. departments, agencies, and the military Services continue to operate even if their networks have been penetrated and compromised. Technologies to allow more open networks with components that do not respond to other nodes in the network unless there is proper authentication and authorization may provide a solution to this growing problem.”(19)
A key challenge in cyberspace is the recognition that offense has the advantage over defense.(20) When the Internet was created at the Defense Advanced Research Projects Agency (DARPA), it was engineered to be an expandable collaboration tool that did not have high barriers to new technological innovation.(21) That being said, identity management and security became lower priorities, leaving governments and corporations exposed and readily taken advantage of by adversaries.(22) There are two types of cyber crimes that occur: “Access” and/or “Disruption”. “Access” crimes deal with data tampering or the theft of data, while “Disruption” crimes involve viruses, worms, logic bombs, trojan horses, or denial of service attacks.(23) In the case study section of the paper I will address multiple instances to elaborate further.
In an environment where offense is the dominant player, building a fortress around critical infrastructure is a losing proposition.(24) Thus, under these circumstances, deterrence will increasingly focus on denying any benefits to hackers rather than on resorting to retaliatory response measures.(25)
The digital threat has multiple dimensions. A recent dimension is the political power that social media has over civil society. The Internet began to rise in access and attraction in the 1990s; since that time the world’s connected population has increased from millions of people to billions of people.(26) Social media enabled by smart mobile devices has become a simple fact of life for many constituencies, including telecommunications firms, civil activists, regular citizens, non-governmental organizations, software companies, and governments.(27) The threat this new paradigm presents is that everything people do while on the Internet is now tracked and measured in order to best serve their needs through the practice of “Personalization”.(28)
The Internet in the early days afforded users the ability to remain anonymous. This anonymity precipitated the need for website authentication certificates through companies like VeriSign. Users were constantly being sent emails with links that directed them toward mirror but fraudulent websites in the hope of capturing their personally identifiable information. Website authentication certificates provided increased confidence to users, so that when they visited a website requesting personally identifiable information, they could do so authentically and transparently. However, advancements in search technologies, social media, and electronic commerce tools have enabled personalization capabilities that allow Internet users to be digitally tracked in all facets of their lives.(29) These personal and behavioral profiles, collected by large data aggregation and technology companies, were leveraged by governments after the events of 9/11, providing the ability to recognize the correlation between dangerous people and dangerous activity.(30) What enabled the U.S. government to do this was the creation and approval of the USA Patriot Act and the coupling of government inquiry with the resources of the data aggregation industry, whose business is to know everything about you.(31) Private and public collaboration in the national surveillance state is one of the top three threats to our freedoms. Let’s now discuss the USA Patriot Act in my next post.