Former White House advisor Mr Richard A. Clarke talks about the security challenges facing governments and corporations today.
|
At the recent Information Security Seminar on 13 April 2011, Mr Richard A. Clarke, Partner with security consultancy Good Harbor Consulting and an internationally-renowned expert on homeland security, national security, cyber security and counterterrorism, shared his views on the topic "Crime, Espionage and War in Cyberspace – The Challenge to Governments
and Corporations".
Mr Clarke, who has served under three United States Presidents in various roles such as Special Assistant to the President for Global Affairs, National Coordinator for Security and Counterterrorism and Special Advisor to the President for Cyber Security, shared his personal views below when asked about the four threats in cyberspace and how governments can beef up their security to handle these growing menaces.
Threat #1: Cyber criminal organisations
We have always known of cyber criminals who are out there trying to steal passwords and money. What is new is that these cyber criminals are now hiring highly-skilled PhDs and engineers. These large international criminal cartels have succeeded in stealing billions of dollars. They are now as large as the drug cartels, and they are mostly headquartered in Eastern Europe and East Asia. We do not get the cooperation of the countries where they are housed.
Threat #2: Cyber espionage agencies
We used to think of cyber espionage as spying between governments. Now it is also used by criminal organisations targeting private companies to get hold of customer lists, new products and new product design plans, as well as information on their research and development activities.
What is frightening about these cyber espionage activities is that most of the companies attacked do not even know that information has been stolen. In the US, two-thirds of the 90 breached companies were not aware of it. In the UK, the MI5 told 300 top British companies that they had been successfully penetrated by China. The cyber attackers defeated firewalls, anti-virus protection and intrusion-detection systems to capture information.
A recent successful attack was on RSA, the company that does the two-factor authentication SecurID for banks and other sensitive networks. It was a targeted, phishing campaign with a malicious Flash object that compromised the company. The attacker sent phishing emails to small groups of employees, not high-level staff, and one of these employees opened it and spread the worms. No one caught the information that went out of the network as it was compressed and sent in small chunks. Within a day, the company was compromised.
The energy sector around the world has also been hit by cyber espionage recently and there was the case of China Telecom diverting all Internet traffic from the US through its network for 15 to 20 minutes, including traffic
from Pentagon.
Threat #3: Cyber war military units
Cyber war does not happen very often. However, 20 to 30 nations worldwide have created cyber military units. These countries include North Korea, South Korea, India, Pakistan, Iran, China, Taiwan, Israel and France. In the US, a cyber command has been established with army, navy and air force components.
In cyber war, the computer systems of enemy countries are penetrated. Trains can be derailed, banking and stock market systems brought down and so on.
Some examples would be citizen activists in Russia shutting down Estonia's mobile network, banking system and government ministry networks. Another would be the Stuxnet Windows computer worm that was used against Iran during 2009 and 2010. The worm caused Siemens equipment to send wrong signals to the centrifuges, destroying 1,000 of them.
Threat #4: Terrorist groups using the Internet
The good news is that terrorists groups like Al Qaeda do not engage in cyber-terrorism; they use the Internet for communication, propaganda, raising money, teaching and recruitment. But it is a matter of time.
What can governments do to beef up security in cyberspace?
Governments must work closely with the private Governments must work closely with the private sector, sharing information about threats and getting help from each other to secure the systems. Governments should also sponsor research and new protocols to create diversity in cyberspace, since its homogeneity makes it vulnerable to attack. Finally, governments should cooperate and refuse to sanction cyber espionage or harbour criminals within their borders.
Note: The views expressed in this article are from Mr Richard A. Clarke and do not necessarily reflect those of the Singapore Government.