GDTV Interview: Michael Chertoff on Cybersecurity

 

---

 

---

What is a cyber threat and is it a national security issue? What is the U.S. doing to shore up its cyber security?
 

“Well one study estimated that $1 trillion in intellectual property has been stolen using cybertools over the last several years. We’ve seen some high profile occasions when there have been intrusions, sometimes for criminal purposes, sometimes to steal intellectual property, sometimes actually to commit acts of war, we say that in 2007 in Estonia and 2008 in Georgia. In 2007 and 2008 the Department of Homeland Security and the Director of National Intelligence, the National Security Agency and other elements of the government put together a comprehensive national cybersecurity initiative. The idea was to really, top to bottom, have a strategy that would address this problem, which was growing and continues to grow. That strategy was launched, it has moved along, perhaps not quite at the speed I would like to see it move, and it reflects I think what is probably, in my view the biggest, most serious unanswered threat to the security of this country, which is the threat through cyberspace.”

 

 

Where does a cyber attack come from? Who perpetrates cyberthreats?

 

“It comes from all kinds of different sources. We have had very sophisticated criminal groups, that have been involved in stealing millions of credit card numbers, and millions of dollars in money from private people; we’ve had the theft of intellectual property sometimes by other businesses, sometimes by nation states; we’ve had hactivism, where groups for political purposes decide they want to create a denial of service attack, directed against a particular site or series of sites; and we’ve also had the fear, that at some point someone might actually use cyber tools to degrade or destroy a critical piece of infrastructure, for example our electric grid or our air traffic system. Now that hasn’t happened yet, but the potential is clearly there and I think it’s something that worries, rightfully, a lot of people.”

 

 

Which of these threats is most dangerous from a national security point of view? 

 

“In terms of consequence, the highest consequence, most sophisticated attacks are likely to come from a nation state; those are the actors who are the most capable of mounting a very high level, advanced, persistent threat. That being said, sometimes there are private groups, or groups that are perhaps quietly sanctioned by nation states that are quite sophisticated as well. And they may be operating on political agendas, they may be operating out of a desire to gratify some kind of urge to create mischief, or they can be simply criminals, who are trying to either extort money or steal money using the internet as the tool to do that.”

 

 

At what point does a cyber attack become an act of war or threaten national security in a serious way?

 

“Well a huge debate now is whether there is such a thing as cyber war. In my view the answer is clear if you look at 2008 for example, when Russia invaded Georgia, the movement of troops was accompanied by a cyberattack designed to degrade the commanding control system. So we’ve seen examples of cyberwar, and there’s no question we could see other examples. A harder question is what is the line between cybercriminality and cyberwar? My own view is that theft of information, as serious as it is and as damaging as it is, probably doesn’t warrant being categorized as cyberwar, any more than espionage during the Cold War was deemed an act of war. On the other hand, when you start to actually destroy or degrade critical infrastructure systems, potentially with a loss of life and huge economic damage, you are getting into what I would consider cyber warfare. And there we need to develop a doctrine, and a strategy, and a set of articulated policies about what we will do if we are under cyberattack.”