Many leaders in the intelligence community are giving grave warnings and concerns over what they deem is more of a real threat than the terrorist’s we have been fighting. The U.S. military Cyber Command, headed by Gen. Keith Alexander, told a Senate Arms Services Committee that the Pentagon is creating 13 cyber teams, which would be able to conduct offensive operations to thwart attacks on the U.S. infrastructure.
According to Clapper, they are increasingly gaining “cyber expertise” which they use “to achieve strategic objectives by gathering sensitive information from public-and private-sector entities, controlling the content and flow of information, and challenging perceived adversaries in cyberspace.”
Clapper said “Those cyber capabilities put all sectors of our country at risk, from government and private networks to critical infrastructures.” He expressed his concern over the budget cuts and the sequestration and how that will effect efforts to combat cyber threats. The intelligence community is seeing some terrorist groups that are interested in developing offensive cyber capabilities and that cyber criminals are using a growing black market to sell cyber tools that will fall into the hands of both terrorists here and abroad.
The DOD (Dept. of Defense) have been petitioning the Secretary of Defense to allow the military to not just defend its own systems and block malware, as it’s currently authorized to do, but also defend critical systems running outside government-controlled networks, the DOD isn’t allowed to touch civilian networks in any way, although it does share threat intelligence with some defense contractors and service providers.
The Pentagon wants approval for aggressive defenses, such as sinkholing, which involves forcibly rerouting a botnet’s command-and-control servers so that malicious code on infected PCs can’t be used to launch attacks. “Olympic Games” program begun by President George W. Bush, and continued at his urging by President Obama, launching Stuxnet, Flame, Duqu, Gauss, and no doubt other malware meant to disable parts of foreign countries critical infrastructure, or eavesdrop on people and information of interest.
This is a slippery slope, once the U.S. infrastructure is attacked do we have the moral high ground to retaliate? Where will it stop? Oh yes, let’s play chicken, shall we.
Will the next course of action be a Worldwide Cyber Arms Treaty? I don’t use malware on your systems and you don’t use them on mine.? In the case of Iran, Stuxnetunleashed against Iran’s nuclear enrichment facilities held back Israel from bombing Iran, which would have drawn the U.S. into yet another ground war. (I personally am very happy with this outcome, as I feel we need to give our troops a serious break). This was considered a diplomatic move and would be a sure no-no under a Cyber Arms Treaty. Can we as a people or a government be held accountable for an attack on another country, through cyber warfare, from another source that is not our government but we were blamed for this cyber attack?
Anyone who wishes the U.S. harm may engage in cyber war against us, by the time we got off our knees and dusted them off, would we even know who, why or what the hell happened, and would it be too late to even care? There are a lot of wackadoddles out there with zero empathy just looking for an excuse to cause havoc and as much damage to innocent women and children as possible. I shudder to think of how many people dependent on life support systems and medicines to stay alive who would suffer the most. This is inexcusable, under any circumstance.
Selling cyber tools is not only shortsighted, they won’t have a chance to use that money they made when the U.S. goes down and possibly most of the globe, being shot at plus starving doesn’t equal brains, but I would haggard a guess that selling these little tidbits will eventually land them a stint for possible treason in the very homey Federal prison system.
The government will probably put a treaty off as long as possible to give the U.S. a chance to play catch up, for all their whining about being behind the times, but I do see this happening sometime in the distant future. How much money this offensive program and the cyber teams will cost and where the funds will come from in these hard times will probably not be up for debate, as this has been given a green light already and a priority. Considering that the military is anywhere from 50 years to 75 years more advanced in technologies than the private sector, I wonder what else they feel they need.