A recent speech by Secretary of Defense Leon Panetta on cybersecurity to the Business Executives for National Security highlights the urgency of ramping up U.S. efforts to thwart cybercrime. Secretary Panetta noted that in recent weeks, some large U.S. financial institutions were hit by so-called distributed denial of service attacks that delayed or disrupted services on customer websites. "While this kind of tactic isn't new, the scale and speed with which it happened was unprecedented," he said.
The U.S. banking and financial sector must be prepared for state-sponsored cyberattacks that will focus more on disrupting financial transactions rather than stealing funds. A loss of confidence by the public in the financial infrastructure will be more devastating than the potential loss of millions of dollars. It is for this reason that Secretary Panetta believes China may want to ally with the U.S. to fight rogue nations, like Iran, which is being credited by unnamed American intelligence officials for the recent string of disruptions at major banks. China has a significant interest in the success of U.S. banking given their financial investments in U.S. government debt, deposits and other securities.
The recent growth of state-sponsored cyberwarfare is very troubling and certainly not limited to the recent attacks by Iran. Stuxnet was a computer worm that was used to target Iranian installations suspected of enriching uranium in 2010. Many believe that either the U.S. or Israel was behind this sophisticated attack. Its use can be considered a great achievement given that sanctions against Iran have been largely ineffectual. Nevertheless, these successes are sure to inspire rogue nations to adopt similar tactics. As Panetta noted, it's no secret that Russia and China have advanced cyber-capabilities. Iran has also undertaken a concerted effort to use cyberspace to its advantage.
The fight against cybercrime will be difficult, considering that there are so many enemies of the state. We have recently witnessed criticism of big banks, and financial companies, by hacktivists, like Anonymous and AntiSec, who have followed up with serious network security breaches. Historically, we have been fighting to protect intellectual property against the Chinese and numerous other nations and now we have the added dimension of sophisticated state-sponsored attacks on our critical infrastructure.
Panetta has made clear that the U.S. is the best in the business at mitigating these daily threats. While this may be true, we must question whether we have enough professionals to secure critical networks in the U.S. The monetary commitment by the Obama Administration exists through the numerous initiatives laid out by the President for cybersecurity. Panetta noted in his speech that the Department of Defense is allocating $3 billion annually to cybersecurity.
But adequate staffing remains a glaring issue. Students are not being enticed into becoming technology majors and, moreover, a large percentage of those that do graduate with a programming or computer science degree are foreign-born. This pool of talent will not have the opportunity to work for a government agency since they are not U.S. citizens. Additionally, the banking and financial sector will need graduates with computer forensics expertise or at least have a plan to train them onsite.
It is critical that universities increase their focus on computer forensics because it is very different from computer security. We need more experts who can investigate what happened and identify the perpetrators of attacks rather than simply focus on protecting our critical infrastructure.
Be the first to comment on this post using the section below.