The former US ambassador-at-large for counter-terror, Infosecurity notes, has a healthy track record of predicting such emerging threats. Back in the summer of 2001, the month before the 9/11 terrorist attacks, it was Black and his colleagues at the CIA who warned then-Secretary of State Condoleezza Rice and the Bush administration that al Qaeda was poised to strike within the United States, a story he recounted for the audience gathered at Caesars Palace in Las Vegas.
Pre-9/11 wisdom held that terrorism was sponsored by state actors, Black noted, and that organizations such as al Qaeda were mainly viewed as financiers of the operations. While the threat was real, and occasionally showed itself, most of the world’s major powers could not validate that terrorism would be a threat at home.
There are very real parallels with today’s IT, and how it can be used as a weapon of war, he added. “Over time, as you identify problems and threats, there is a delayed validation” of its significance, Black observed.
Why is this the case, he postulated? “Men’s minds have difficulty adapting to things with which they have no personal experience”, he continued. It’s for this reason, Black asserted, that gatherings like Black Hat are so important, “to help people to develop an appreciation of where to deploy resources”.
A New Kind of Warfare
The former ambassador sees a far more complex world going forward with respect to combating terrorism, even with the recent demise of Osama bin Laden and the continued weakening of al Qaeda’s leadership. This is because he envisions the organization retreating into more stealthy endeavors that require fewer resources yet still have the ability to yield maximum impact.
“It is now your turn, whether you really know it or not”, the counter-terrorism expert told the Black Hat audience. “The issues you are involved in – attack and defense – are [being] valued by the decision makers”.
Evidence of this new appreciation for cybersecurity can be found in the intelligence community’s grading of possible terror threats, he noted. While concerns for kinetic (explosive) or bacteriological attacks still remain, the real possibility of terrorist-sponsored cyber attacks has given rise to a new kind of warfare.
And Black believes this concern is not all hype. “The Stuxnet attack is the Rubicon of our future”, he declared. No longer are electronic threats the realm of cybercriminals seeking a quick buck, or a college prank, Black asserted. “It has morphed into physical destruction – physical destruction, from the victim’s view, of a national resource...it brings with it the viability of a kinetic counterstrike”.
Black closed by stating that the future of cyberattacks would be a very delicate situation, keeping in mind the responsive strike capabilities that victimized nations may contemplate.
“First it was the Cold War, then the global ‘War on Terrorism’, and now we have the ‘Code War’,” he said. Cyber will be a key component of any future conflict, whether it is with a nation-state, rogue state, or terrorist groups.”