Today's hearing is timely and very relevant. We are examining the cyber threat today that is posed by nation-states, namely China, Russia, and Iran. I focus on the nation-state aspect of this threat because it represents a new battlefield in state relationships and one in which we must prepare accordingly. There have been significant developments in the cyber domain, highlighted by the fact that the U.S. Government has finally begun to name the nation-states most responsible for cyber attacks against the United States. Tom Donilon, the President's National security adviser, outed China as the place where cyber intrusions are emanating on an unprecedented scale. The annual threat assessment by the United States intelligence community delivered to Congress-Director of National Intelligence, James Clapper, named cyber as the top threat to the United States' National security. This represents a major shift in the threat assessment by the United States intelligence community and makes our work on this committee even more important.
A former top-level National Security Agency insider goes behind the headlines to explore America's next great battleground: digital security. An urgent wake-up call that identifies our foes; unveils their methods; and charts the dire consequences for government, business, and individuals.
Shortly after 9/11, Joel Brenner entered the inner sanctum of American espionage, first as the inspector general of the National Security Agency, then as the head of counterintelligence for the director of national intelligence. He saw at close range the battleground on which our adversaries are now attacking us-cyberspace. We are at the mercy of a new generation of spies who operate remotely from China, the Middle East, Russia, even France, among many other places. These operatives have already shown their ability to penetrate our power plants, steal our latest submarine technology, rob our banks, and invade the Pentagon‘s secret communications systems.
Incidents like the WikiLeaks posting of secret U.S. State Department cables hint at the urgency of this problem, but they hardly reveal its extent or its danger. Our government and corporations are a “glass house,” all but transparent to our adversaries. Counterfeit computer chips have found their way into our fighter aircraft; the Chinese stole a new radar system that the navy spent billions to develop; our own soldiers used intentionally corrupted thumb drives to download classified intel from laptops in Iraq. And much more.
Dispatches from the corporate world are just as dire. In 2008, hackers lifted customer files from the Royal Bank of Scotland and used them to withdraw $9 million in half an hour from ATMs in the United States, Britain, and Canada. If that was a traditional heist, it would be counted as one of the largest in history. Worldwide, corporations lose on average $5 million worth of intellectual property apiece annually, and big companies lose many times that.
The structure and culture of the Internet favor spies over governments and corporations, and hackers over privacy, and we've done little to alter that balance. Brenner draws on his extraordinary background to show how to right this imbalance and bring to cyberspace the freedom, accountability, and security we expect elsewhere in our lives.
In America the Vulnerable, Brenner offers a chilling and revelatory appraisal of the new faces of war and espionage-virtual battles with dangerous implications for government, business, and all of us.
- Hybrid and Cyber War As Consequences of the Asymmetry: A Comprehensive Approach Answering Hybrid Actors and Activities in Cyberspace (tobem.com)
- Inside Cyber Warfare: Mapping the Cyber Underworld (tobem.com)
- National Defense Strategy – United States of America (tobem.com)
Military and intelligence leaders agree that the next major war is not likely to be fought on the battleground but in cyber space. Richard Stiennon argues the era of cyber warfare has already begun. Recent cyber attacks on United States government departments and the Pentagon corroborate this claim. China has compromised email servers at the German Chancellery, Whitehall, and the Pentagon. In August 2008, Russia launched a cyber attack against Georgia that was commensurate with their invasion of South Ossetia. This was the first time that modern cyber attacks were used in conjunction with a physical attack. Every day, thousands of attempts are made to hack into America's critical infrastructure. These attacks, if successful, could have devastating consequences. In Surviving Cyberwar, Stiennon introduces cyberwar, outlines an effective defense against cyber threats, and explains how to prepare for future attacks.
What people are saying about Inside Cyber Warfare
“The necessary handbook for the 21st century.”
–Lewis Shepherd, Chief Tech Officer and Senior Fellow, Microsoft Institute for Advanced Technology in Governments
“A must-read for policy makers and leaders who need to understand the big-picture landscape of cyber war.”
–Jim Stogdill, CTO, Mission Services Accenture
You may have heard about “cyber warfare” in the news, but do you really know what it is? This book provides fascinating and disturbing details on how nations, groups, and individuals throughout the world are using the Internet as an attack platform to gain military, political, and economic advantages over their adversaries. You'll learn how sophisticated hackers working on behalf of states or organized crime patiently play a high-stakes game that could target anyone, regardless of affiliation or nationality.
Inside Cyber Warfare goes beyond the headlines of attention-grabbing DDoS attacks and takes a deep look inside multiple cyber-conflicts that occurred from 2002 through summer 2009.
- Learn how cyber attacks are waged in open conflicts, including recent hostilities between Russia and Georgia, and Israel and Palestine
- Discover why Twitter, Facebook, LiveJournal, Vkontakte, and other sites on the social web are mined by the intelligence services of many nations
- Read about China's commitment to penetrate the networks of its technologically superior adversaries as a matter of national survival
- Find out why many attacks originate from servers in the United States, and who's responsible
- Learn how hackers are “weaponizing” malware to attack vulnerabilities at the application level
This book arises from the NATO-Russia Workshop, and focuses on the creation of a risk-informed analysis capability for modeling and predicting the behavior of complex infrastructure networks; applying emerging technology to the problems of designing, constructing, monitoring, and operating critical infrastructure systems; and building an understanding of the social, economic, and environmental factors that affect, and are affected by, critical infrastructure.