Friday, February 13, 2009

DNI: Cyber Security a Top U.S. National Security Issue

The U.S. Director of National Intelligence, Dennis Blair, has provided his annual threat assessment to Congress. His Statement for the Record has been published and cyber security issues are defined as a major threat to the United States. Mr. Blair's statement includes the following summary of the threat (emphasis has been added):

"A growing array of state and non-state adversaries are increasingly targeting—for exploitation and potentially disruption or destruction—our information infrastructure, including the Internet, telecommunications networks, computer systems, and embedded processors and controllers in critical industries. Over the past year, cyber exploitation activity has grown more sophisticated, more targeted, and more serious. The Intelligence Community expects these trends to continue in the coming year.

"We assess that a number of nations, including Russia and China, have the technical capabilities to target and disrupt elements of the US information infrastructure and for intelligence collection. Nation states and criminals target our government and private sector information networks to gain competitive advantage in the commercial sector. Terrorist groups, including al-Qa’ida, HAMAS, and Hizballah, have expressed the desire to use cyber means to target the United States. Criminal elements continue to show growing sophistication in technical capability and targeting and today operate a pervasive, mature on-line service economy in illicit cyber capabilities and services available to anyone willing to pay. Each of these actors has different levels of skill and different intentions; therefore, we must develop flexible capabilities to counter each. We must take proactive measures to detect and prevent intrusions from whatever source, as they happen, and before they can do significant damage.

"We expect disruptive cyber activities to be the norm in future political or military conflicts. The Distributed Denial of Service (DDoS) attacks and Web defacements that targeted Georgia in 2008 and Estonia in 2007 disrupted government, media, and banking Web sites. DDoS attacks and Web defacements targeted Georgian government Web sites, including that of Georgian President Saakishvili, intermittently disrupting online access to the official Georgian perspective of the conflict and some Georgian Government functions but did not affect military action. Such attacks have been a common outlet for hackers during political disputes over the past decade, including Israel’s military conflicts with Hizballah and HAMAS in 2006 and 2008, the aftermath of the terrorist attacks in Mumbai last year, the publication of cartoons caricaturing the Prophet Mohammed in 2005, and the Chinese downing of a US Navy aircraft in 2001."
The report also discusses online activity by organized crime.

Annual Threat Assessment of the Intelligence Community for the Senate Select Committee on Intelligence

No comments: