RSA 2011: Terrorist groups pose most dangerous cyber threat

Lynn admitted that he has no idea how much of our current IT technology works, but thankfully many in the US armed forces are “digital natives” and have a more thorough understanding. It is this advanced information technology capability that makes the US military such a formidable fighting force, he contended.

This same technology, however, “also introduces enormous vulnerabilities”, Lynn added. He then recounted the tale of how classified military networks were compromised in 2008, when a foreign intelligence agency used a USB thumb drive to pull off a heist that Lynn said was thought impossible by those at the Department of Defense.

“Unfortunately the cyber threat continues to mature that far exceeds the 2008 breach of our classified systems”, Lynn warned.

Currently, the Deputy Secretary continued, the most frequent cyber threat has involved network exploitation that has permitted data leakage on both government and commercial systems. Over the long term, he asserted, this type of threat has a “deeply corrosive impact – it blunts our edge in military technology and zaps our competitiveness in the global economy”.

Lynn then went on to discuss the network disruption capabilities of politically motivated entities, such as the Anonymous hacker group, which launched denial-of-service attacks against several major corporate websites, and similar attacks affecting the Estonian and Georgian government websites. As much as these were a nuisance, he foreshadowed a more dire scenario on the horizon, and perhaps the future of cyber warfare.

“The most dangerous cyber threat is destruction, where cyber tools are used to cause actual physical damage. This development, which marks a strategic shift in the cyber threat, is only just emerging”, he said. “But when you look at the cyber tools that are available, it is clear that this capability already exists.”

Lynn envisioned possible attacks against military networks, or national infrastructure, which could cause widespread harm, economic damage, or even a loss of life. He said such attacks may never occur, but that, “regrettably, however, few weapons in the history of warfare, once created, have gone unused.”

Nation-states, in Lynn’s analysis, are more likely to engage in the exploitation and disruption of networks in today’s environment, a means well within many nations’ capabilities. It is the last rung of what he called the “cyber threat ladder” – that being destruction – that is far less likely at a state-sponsored level, although the malicious intentions of rogue states cannot be discounted.

Nations, on the whole, are less likely to conduct destructive cyber warfare for fear of a US military response, Lynn noted, but these most severe forms of attacks will undoubtedly be one arm of any future “conventional” military conflict.

“Perhaps the greatest concern, in our judgment, is a terrorist group that gains the level of disruptive and destructive capability currently possessed by nation-states”, Lynn said. Al-Qaeda, he reminded the audience, has vowed to unleash a cyber warfare volley, but has yet to deliver on its promise.

“It’s possible for a terrorist group to develop cyber attack tools on their own, or even to buy them on the black market. As you all know better than I”, he told the RSA crowd, “a couple dozen programmers wearing flip flops and drinking Red Bull can do a lot of damage. With few tangible assets to lose in a confrontation, terrorist groups are difficult to deter. We have to assume that if they have the means to strike, they will do so.”

The Deputy Defense Secretary then concluded with a sobering plea: “We need to develop stronger defenses before this occurs. We have a window of opportunity, of uncertain length, in which to gird our networks against more perilous threats.”
