Matthew Warren has been appointed to the Senior Executive Service and assigned as deputy director, international armaments cooperation, Office of the Under Secretary of Defense (Acquisition, Technology and Logistics), Washington, D.C.
Supervisory control and data acquisition (SCADA) systems face numerous threats from cybermarauders coming at them from any of a number of directions. Some systems could suffer malware attacks even though they are not the intended targets, according to a leading security expert.
One of the world’s leading experts on cybersecurity calls cyber sabotage attacks “the worst innovation of this century.” Cyberweapons have become too dangerous, and cyberattack can lead to visible and important damage to the critical infrastructure or telecommunications. And, attribution is almost impossible.
Democracy has only 20 years left to live if an effective means of digital identification is not developed before that deadline. As young people growing up with social media reach voting age in increasing numbers, they will lead a major shift to online voting. A lack of identity security will throw open the gates to massive voter fraud that will destroy the fidelity of elections, and with it, true representative government.
That gloomy assessment came from one the world’s leading experts on cybersecurity. Speaking at the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., Eugene Kaspersky, chief executive officer and co-founder of Kaspersky Lab, warned that this will be a consequence of the failure to secure the Internet.
“Kids today are always online,” he pointed out. “They will want to vote online. We need a 100-percent, biometric-based digital identification card.”
Issuing this type of identification will help secure the Internet if it is restructured, Kaspersky continued. He suggested splitting the Internet into different components: One would be highly secure, where financial transactions would take place, and another would be totally open for noncrucial activities with no identification required. Other segments with varying degrees of importance and security would be located in between these two extremes, he offered.
A “digital Pearl Harbor Armageddon” that inflicts catastrophic damage on the United States is not likely soon or in the foreseeable future. The worst cyber attack that could be expected would have less of an effect for a shorter period of time, said an expert with the Office of the Director of National Intelligence (ODNI).
Sean Kanuck, national intelligence officer for cyber issues at the National Intelligence Council, ODNI, told the audience at the second day of the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that predictions of destruction that would bring the United States to its knees are unnecessarily pessimistic and unlikely to materialize.
The worst cyber event that could be expected would be regional, not national, in terms of its effects. It would not be enduring, instead lasting days at most. It probably would afflict familiar targets such as oil and gas distribution networks, power grids and transportation.
The financial sector could be damaged by a cyber attack that causes substantial losses. Right now, the U.S. government does not have a baseline or a metric for determining remediation expenses or financial losses, Kanuck said.
The most damaging cyber attacks possible are among the least likely to happen, because the powers capable of undertaking them are unlikely to launch them, according to an expert with the Office of the Director of National Intelligence (ODNI). Sean Kanuck, national intelligence officer for cyber issues at the National Intelligence Council, ODNI, told the audience at the second day of the AFCEA Global Intelligence Forum in the National Press Club in Washington, D.C., that cyber attack capability need not translate to immediate threat.
Kanuck explained that the most sophisticated players in cyber are powerful nations that know it would run counter to their interests to inflict a damaging attack on the United States. They will—and do—conduct cyber espionage, but they would not want to bring down the United States except possibly in an existential military conflict that threatens their regime or as a part of a major war.
On the other hand, some less capable cyber nations might be willing to launch a devastating attack. Nations such as Iran, for example, might see benefits from inflicting great harm on the United States.
Non-state players would join the major powers in eschewing a crippling attack on the United States. Kanuck pointed out that these non-state entities use cyber to their advantage, such as for criminal activities. “They do not want to kill the goose that lays the golden egg,” he noted. “They want to profit, but they don’t want to bring down the law upon themselves.”