Home' Defense Systems : December 2012 Contents CYBER YEAR IN REVIEW
BY JOHN EDWARDS
When historians look back at 2012, it s
likely that they will peg the year as the
moment when the world became fully
engaged in its rst cyber war.
"I de nitely think cyber is part of
warfare," said former Navy RADM
Mike Brown, now vice president and
general manager of the federal business
and critical infrastructure unit at EMC-
RSA, a security consulting rm based in
Bedford, Mass. "What we re concerned
about inside government, and what
those of us in the security environment
see on a daily basis, is the potential for
a signi cant impact to our way of life."
Evidence of an ongoing cyber war
mounted during 2012. In late summer
and early fall, major U.S. banks were
hit with a series of highly publicized
distributed denial of service assaults.
During the same timeframe, several
Middle Eastern oil and gas companies,
including Saudi Aramco, were struck
by the "Shamoon" virus, which replaced
critical computer les with the image
of a burning American ag. Addition-
ally, throughout the year, thousands of
smaller cyberattacks---likely launched
by state sponsors, as well as "hacktivist"
groups such as Anonymous---struck
many major U.S. businesses and gov-
ernment agencies, and many smaller
entities as well.
In October, Defense Secretary Leon
Panetta warned that the U.S. faces a pos-
sible cyber Pearl Harbor if it continues
to ignore cyberwar threats. " e whole
point of this is that we simply don t just
sit back and wait for a...crisis to hap-
pen," Panetta told Time magazine. "In
this country we tend to do that, and
that s a concern."
U.S. allies also felt the pressure. Jona-
than Evans, director general of MI5,
the U.K. security service, warned that
cyberattacks against the nation s public
companies was as much of a security
challenge as terrorism.
A CONTINUOUS THREAT
"We re seeing cyber con ict every single
day," said Anup Ghosh, a former Defense
Advanced Research Projects Agency se-
nior scientist and program manager. "We re
seeing the wholesale compromise of our
nation s networks across all industries and
the government," said Ghosh, who is now
CEO and founder of Invincea, a security
so ware developer located in Fairfax, Va.
So who s behind the attacks? "Iran cer-
tainly has the most p.r.," said Jason Lewis,
chief scientist of Lookingglass Cyber So-
lutions, a cyber security company based
in Baltimore. Yet Lewis is most worried
about the threats that aren t being talked
about. "It doesn t take much to establish
a cyberwarfare capability, so countries on
the U.S. sanction list have motivation to use
computer-based intelligence to improve
their situation or damage those countries
they feel are treating them unfairly," he ob-
served. "Iran is a suspect in the attacks on
Saudi Aramco, but there is little informa-
tion about Syria s capabilities."
en there s the two giant cyber war
wild cards: Russia and China. "China is
probably the most advanced in terms of
organized capabilities," Lewis said.
LEVELING THE FIELD
" ere s no one who is immune to nation-
state attacks, and we have to face it from
all di erent types of nations," Ghosh said.
In a certain sense, cyber creates a level
playing eld, he observed. "A level play-
ing eld between so-called ird World
countries with limited military capabili-
ties to our cyber capabilities."
Brown, who served as director of cy-
bersecurity coordination in the National
Protection and Programs Directorate for
the Department of Homeland Security,
noted that cyberattacks, capable of dis-
rupting vital services, threaten civilian
populations, as well as governments and
businesses. "For instance, if the target is
the electrical grid or the water supply, it
could have an e ect that causes death," he
said. " at s part of what the end result is
when you have malicious activity capable
of causing physical things to occur."
As cyberattacks mounted in 2012, DOD
and other government agencies began strik-
ing back. "I can assure you that we re doing
the same on the o ensive side," Ghosh said.
"We don t know the details of that, but we re
certainly doing similar types of exploits
against other nations." ■
38 DECEMBER 2012 | DefenseSystems.com
Air Force personnel update anti-virus software to block hackers. Russia, China and
countries on the U.S. sanction list regularly attack U.S. networks.
2012:Year One in global cyber war
Links Archive November 2012 January and February 2013 Navigation Previous Page Next Page