Sunday, December 26, 2010

FBI: Cyberattacks on DOD are down

This from the November FBI Newark "National Security Threat Awareness Monthly Bulletin":

(U) Are Cyberattacks Against DOD on the Decline? Although Numbers May be Down, the Threat
is Still Prominent, Some Experts Say (Federal Computer Week, 29 OCT 2010)
(U) A new report says the number of attempted attacks on Defense Department computer networks seems to have decreased compared with the rate of attempts last year. However, the finding will hold only if the trend recorded in the first half of the year continues through the end of the year, and it conflicts with statements of DOD officials who say the number of attacks and probes is on the rise. The US-China Economic and Security Review Commission noted in their 2010 annual report, that “incidents of malicious cyber activity” declined in 2010, the first time that's happened in this millennium, according to Wired’s Danger Room blog. Although last year there were 71,000 incidents, the first half of this year had 30,000, according to the report. “If the rate of malicious activity from the first half of this year continues
through the end of the year,” the draft report said, “2010 could be the first year in a decade in which the quantity of logged events declines.”
(U) The count conflicts with statements made by William Lynn, deputy defense secretary, over the past year and also with testimony from Army LTG. Keith Alexander, the newly installed commander of US Cyber Command. Alexander testified during his Senate confirmation hearing in April that he is “alarmed in the increase, especially this year” of the number of probes into DOD's computer networks. In May, Lynn told reporters at the US Strategic Command Cyber Symposium pointed to a growing and volatile cyber threat. “The Internet doesn’t respect sovereignty,” Lynn said. “The cyber threat doesn’t track well with the history of traditional military power. We can’t predict where the threat will come from.”
(U) Industry is also invoking the gravity of increased cyber attacks. “There is no question we are in the midst of a cyber war,” the vice president of threat research at McAfee, said in April at the RSA Security Conference in San Francisco. It appears the public has bought into the fears. A survey by Narus, Inc., which analyzes cyber intelligence, reported Oct. 6 that 93 percent of the security professionals it queried believe cyber attacks are increasing, and 88 percent think the government is not equipped to protect itself.
(U) Cybersecurity experts caution that the US-China Commission’s report may not accurately reflect the true landscape of DOD cyber threat. “A decline in successful intelligence events does not correlate directly into a decline in the potential for military attacks using cyber techniques,” said the, director and senior fellow of the Technology and Public Policy program at the Center for Strategic and International Studies. “We could be facing a greater risk of attack by sophisticated opponents even if the number of successful accessions to DOD networks has decreased.” The commission’s report does recognize that the
reduced number of threats could be attributed to an improved DOD cybersecurity stance, acknowledging that the decrease “may or may not represent a decrease in the volume of attempts to penetrate defense and military networks.” According to the McAfee vice president, the report incorrectly correlates malicious cyber activity with risk. “DOD might have cut down on the number of low level exploits, but we could still be seeing as many high level cyber incidents. We can't tell from this,” he said.







Cyber Terrorism and Information Warfare (Terrorism: Documents of International and Local Control, Second Series.Volumes 5-8.)

No comments:

Post a Comment