Great Decisions 2012 Preview: Cybersecurity

The Great Decisions briefing book and television series on PBS take a closer look at cybersecurity, defense in the digital age. As cyber attacks continue to occur at a breakneck pace, is the U.S. at risk? For more in-depth analysis, order the 2012 briefing book and DVD.

 

Current Situation

As reports of cyber attacks continue to mount, it seems that the newest prolific threat to governments, companies and individuals is cybersecurity. Testament to the growing international problem, President Obama announced that cyber attacks have become "one of the most serious economic and national security threats our nation faces." In recent years, hackers have managed to access everything from costumers' credit card numbers to government officials' emails, prompting an increase in anti-theft technology and internet security companies. Security experts announced in August 2011 a report of the largest series of cyber attacks to date- dubbed Operation Shady RAT- which in five years has affected 72 organizations (including the United Nations), governments and companies worldwide. Sparking further panic, the report called the cyber-spying highly sophisticated, and most likely the work of an unidentified nation state. In response to these exigent threats, the Obama administration has called for a global cybersecurity strategy, which would include international computer security standards and encourage governments to implement stricter intellectual property theft laws. Domestically, President Obama has appointed a Cybersecurity Coordinator, and is in the process of proposing cybersecurity legislation to Congress. In the face of sudden international attention, just how threatening are cyber attacks and what is being done to counter their growth?

 

History

From 2009-2010, the number of cyber attacks increased by over 400 percent. Some of the biggest recent security breaches include an attack on Sony that accessed personal information (including emails, logins, passwords, and credit-card numbers) of over 100 million customers, and the exposure of 360,000 Citigroup members’ account numbers. Other targets in the past year include Adobe, Lockheed Martin (the largest U.S. security contractor), Google, PBS, and even the IMF and the CIA. Yet cyber threats are not new. In the 1980s, famous hacker Kevin Mitnick made headlines and the FBI wanted list for breaking into academic and corporate computer systems. Then in the 1990s, wide-spread viruses initiated the multi-billion dollar anti-virus software industry. The first use in 2000 of an attack called denial-of-service (DoS), which paralyzes websites and concurrently, banking systems and cell phone operations, sparked fears of cyber warfare’s potential. The revelation in 2010 of a cyber attack that caused considerable damage to Iran’s nuclear facility at Natanz crossed a Rubicon, according to former National Security Director General Michael Hayden. “Stuxnet”, as it was called, took over the control system of a cascade of centrifuges, effectively causing them to self-destruct. Here, the fear of using cyber attacks to cause physical damage was realized. As the number, severity and potential of cyber attacks has grown, so has the response.

 

 

Challenges

Like terrorism, the fear of cyberthreats is an attack launched from anywhere, against any target. As the world now operates online, the threat of sensitive information leaking is greater than ever. Network technologies have now become crucial in business, yet this rapid information sharing comes with greater risk. Similarly, network control of industrial systems, such as electric grids, pipelines, or water systems exposes entire infrastructures to threats. For governments, this includes a new multitude of potential enemies. Many are quick to accuse China, most recently in response to the series of attacks on governments and top international organizations. China has strict internet restrictions, but lax rules over intellectual property, and is notorious for supporting research in cyber-warfare. The 2010 stealing of Google source code by Chinese hackers has aided speculation. However, perhaps the most difficult aspect of handling cyber attacks is their anonymity. One expert notes the multitude of actors- cyber-criminals, cyber-terrorists, cyber-spies- each with different motivations and goals; it is difficult to discern what type of hacker is the greatest threat, and how to retaliate if the attacker is revealed. Another key challenge is how to implement a comprehensive strategy, when most cyberspace infrastructure lies in the private sector, resistant to government regulation or oversight. There is clearly a difficult balance between internet freedom and internet security.

 

Opportunities

President Obama has taken key strides towards addressing the issue of cybersecurity both domestically and internationally. A Cybersecurity Office, part of the National Security Staff, is run by Cybersecurity Coordinator Howard Schmidt, who doubles as a “special assistant” to the President. With the help of the Homeland Security Advisor and the Secretary of State, in May 2011 Schmidt announced the first comprehensive International Strategy for Cyberspace, which set proposals and an agenda for combating a multitude of global cyber threats. Despite accusations, China has asserted that it too is susceptible to cyber attacks; in July, Foreign Minister Hong Lei expressed China’s desire to work cooperatively with the international community to address the issue. In 2009, President Obama called cyber attacks, “weapons of mass disruption”. Though it is unlikely that the U.S. faces an imminent threat of cyber war, it is clear that governments, international organizations, and companies will need to adapt alongside expanding technology- and the new threats it brings. 

 

Key Questions

  • Should cyberthreats be a national priority?
  • Is the U.S. at risk of cyber-attacks, or cyber warfare? What is the difference between the two?
  • What constitutes a cyber threat?
  • What countries/entities are the most sophisticated at carrying out cyber attacks?
  • What actions is the U.S. taking to defend itself from attacks?
  • Should the U.S. engage in cyber warfare?
  • Should there be greater national internet oversight? Should cyber threats be handled privately or through the government?
     

This Great Decisions 2012 Brief was written by Sarah Marion Shore


Order Great Decisions