Far-Reaching Impact of the Cyber Threat

Director of National Intelligence's Annual Threat Assessment

February 2, 2010.
Far-Reaching Impact of the Cyber Threat

<

See Also: Mobile Deposit Capture: Balancing Fraud Prevention and Customer Convenience

b>By DENNIS C. BLAIR
Director of National Intelligence

(This article is adapted from testimony Director of National Security Dennis Blair delivered Tuesday to the Senate Select Committee on Intelligence.)

The national security of the United States, our economic prosperity, and the daily functioning of our government are dependent on a dynamic public and private information infrastructure, which includes telecommunications, computer networks and systems, and the information residing within. This critical infrastructure is severely threatened.

This cyber domain is exponentially expanding our ability to create and share knowledge, but it is also enabling those who would steal, corrupt, harm or destroy the public and private assets vital to our national interests. The recent intrusions reported by Google are a stark reminder of the importance of these cyber assets, and a wake-up call to those who have not taken this problem seriously. Companies who promptly report cyber intrusions to government authorities greatly help us to understand and address the range of cyber threats that face us all.

Acting independently, neither the U.S. government nor the private sector can fully control or protect the country's information infrastructure. Yet, with increased national attention and investment in cybersecurity initiatives, I am confident the United States can implement measures to mitigate this negative situation.

Evolving Threat and Future Trends

The United States confronts a dangerous combination of known and unknown vulnerabilities, strong and rapidly expanding adversary capabilities, and a lack of comprehensive threat awareness. Malicious cyber activity is occurring on an unprecedented scale with extraordinary sophistication. While both the threats and technologies associated with cyberspace are dynamic, the existing balance in network technology favors malicious actors, and is likely to continue to do so for the foreseeable future. Sensitive information is stolen daily from both government and private sector networks, undermining confidence in our information systems, and in the very information these systems were intended to convey. We often find persistent, unauthorized, and at times, unattributable presences on exploited networks, the hallmark of an unknown adversary intending to do far more than merely demonstrate skill or mock a vulnerability. We cannot be certain that our cyberspace infrastructure will remain available and reliable during a time of crisis. Within this dynamic environment, we are confronting threats that are both more targeted and more serious. New cybersecurity approaches must continually be developed, tested, and implemented to respond to new threat technologies and strategies.

We face nation states, terrorist networks, organized criminal groups, individuals, and other cyber actors with varying combinations of access, technical sophistication and intent. Many have the capabilities to target elements of the U.S. information infrastructure for intelligence collection, intellectual property theft or disruption. Terrorist groups and their sympathizers have expressed interest in using cyber means to target the United States and its citizens. Criminal elements continue to show growing sophistication in their technical capability and targeting.

Today, cyber criminals operate a pervasive, mature on-line service economy in illicit cyber capabilities and services, which are available to anyone willing to pay. Globally, widespread cyber-facilitated bank and credit card fraud has serious implications for economic and financial systems and the national security, intelligence, and law enforcement communities charged with protecting them.

The cyber criminal sector in particular has displayed remarkable technical innovation with an agility presently exceeding the response capability of network defenders. Criminals are developing new, difficult-to-counter tools. In 2009, we saw the deployment of self modifying malware, which evolves to render traditional virus detection technologies less effective. The Conficker worm, which appeared in 2008 and created one of the largest networks of compromised computers identified thus far, continues to provide a persistent and adaptable platform for other malicious enterprises. Criminals are targeting mobile devices such as "smart phones," whose increasing power and use in financial transactions makes them potentially lucrative targets.

  • Print
  • Tweet Like LinkedIn share
Get permission to license our content for reuse in a myriad of ways.
ARTICLE U.S., UK Plan 'Cyber War Games'

The U.S. and U.K. plan to hold "cyber war games" to help them prepare for defending against online...

Latest Tweets and Mentions

ARTICLE U.S., UK Plan 'Cyber War Games'

The U.S. and U.K. plan to hold "cyber war games" to help them prepare for defending against online...

The ISMG Network