U.S. Must Develop Cyber Intelligence To Counter Computer Threats: Study

By LOLITA C. BALDOR 09/12/11 06:54 AM ET Associated Press

React

share this story

Get Technology Alerts

Submit this story

WASHINGTON -- A new study warns that the U.S. must develop cyber intelligence as a new and better coordinated government discipline that can predict computer-related threats and deter them.

The report by the Intelligence and National Security Alliance says the dramatic expansion of sophisticated cyber-attacks has moved beyond acceptable losses for government and businesses that simply threaten finances or intellectual property.

"The impact has increased in magnitude, and the potential for catastrophic collapse of a company has grown," said the report, which is slated to be released later this month. It adds that it is not clear that the business community understands or accepts that.

The report comes amid growing worries the U.S. is not prepared for a major cyberattack, even as hackers, criminals and nation states continue to probe and infiltrate government and critical business networks millions of times a day.

INSA, a non-partisan national security organization, says the U.S. must develop strategies beyond the current "patch and pray" procedures, create cyber intelligence policies, coordinate and share intelligence better among government agencies and businesses, and increase research on attack attribution and warnings.

And it says the U.S. must develop effective cyber intelligence so officials can assess and mitigate the risks.

Many of the report's observations echo sentiments expressed by Pentagon and Department of Homeland Security officials who have been struggling to improve information sharing between the government and key businesses. But efforts to craft needed cybersecurity legislation have stalled on Capitol Hill.

INSA's report also lays out the growing threats from other nations – including those who are friendly, corrupt or just unable to control hackers within their borders.

While it doesn't name the countries, it notes that failed states provide opportunities for hackers, as they do for criminals and terrorists, while other nations tolerate the criminals as long as they concentrate their activities beyond their borders.

U.S. officials have long pointed to Russia and China, as well as a number of Eastern European nations, as some of the leading safe havens for cybercriminals, or government-sponsored or tolerated hacking.

At the same time, the report warns that the U.S. has also outsourced much of the design and maintenance of computer technology to other countries where potential adversaries can easily insert themselves into the supply chain.

"The present situation is as dangerous as if the United States decided to outsource the design of bridges, electrical grids, and other physical infrastructure to the Soviet Union during the Cold War," said INSA, which is headed by Frances Townsend, who was homeland security adviser in the Bush administration.

Much like the criticism of the overall intelligence community in the aftermath of the Sept. 11 attacks, the INSA report says that cyber intelligence needs better coordination among government agencies, as well as with the private sector.

___

Online:

FOLLOW HUFFPOST TECH

Facebook:

72k

Twitter:

Get Alerts

CONTRIBUTE

TO THIS STORY

Comments
499
Pending Comments
0
View FAQ

Comments are closed for this entry

View All

Favorites

Recency |

Popularity

Page: 1 2 3 4 5 Next › Last » (17 total)

Karen Hamm

42 Fans

10:24 AM on 09/13/2011

Working in the arena of cyber security, one of the things I have noticed is how reluctant the companies are to invest in security for their IT departments. Since it isn't a revenue producing area, they tend not to make it a priority for most fortune 500 companies. It is time that shareholders hold their feet to the fire. These investments MUST be made, because everyone that is associated with them, (Shareholders, customers) is literally a click away from having their personal information exposed.

It is an investment,, because it requires layers of security for these companies. Perhaps the CEO's and their teams do not need to make the millions of dollars in bonuses and the companies use that money to invest in their security infrastructure. I know right? There will be another Sony and soon. I say it is greed and people need to hold their feet to the fire on this particular issue.

Permalink | Share it

HUFFPOST SUPER USER

dtallwalk

124 Fans

09:10 PM on 09/12/2011

Haven’t these guy seen the study on how the tax payers are not in the mood to fund
Research to save the big Corporation form cyber attacks. Make them do their own research
And get their own funding. I say let’s fix a school of a bridge first.

Rose Morris

208 Fans

08:03 PM on 09/12/2011

Um . . . this is nothing new. They (the Gubmint) has been talking about this since W's presidency. The term thrown around was Cyber Command, and several cities bid for the rights to house the new entity. It was supposed to include experts from the real world, as well as experts from all service branches. Bossier City, LA threw money hand over fist to win the new command (Barksdale is already there): a high-dollar office complex, private sector housing developments, etc. because they were assured they were a shoe-in. Surprise, surprise, surprise! A new Air Force general threw those plans out, and Bosser City got stuck with the huge bill but no jobs to show for it.

rockymtnal

The spaces between your words make the most sense.

174 Fans

07:17 PM on 09/12/2011

And this is supposed to be news? The cyber threat to national security has been known for at least 40 years...even before the Internet.

dojinho

Governments lie. – Howard Zinn

103 Fans

06:45 PM on 09/12/2011

More "experts" call for more "security".

Are they the same experts that said the war Iraq was necessary to counter the WMDs? Or that U.S. soldiers would be treated as "liberators"?

These so-called "experts" are paid to come up with reports that guarantee more income for their sponsors. It's the same for the global-warming denyers paid by oil corporations to create "uncertainty" about the issue...

sierra496

26 Fans

06:41 PM on 09/12/2011

FBI, CSI, NSA. What more needs to be said? If you think that you aren't being monitored by NSA then you are dumber than a box of rocks! Of course you've read how the government has access to all browsers without a person knowing about it? Sometimes a person never knows when his rights are being violated!

El Justiciero

HP mods have NO sense of humor, obviously

532 Fans

05:53 PM on 09/12/2011

Cyber Intelligence?! Haven't you seen what happened in Terminator?

SiriusGD

Don't twist my words... I am part of the 99%

56 Fans

05:07 PM on 09/12/2011

I have mixed feeling about this. On the one hand, I don't want them (the government) smart enough to hack my home network that is WPA2. But if you look up "the Cuckoo's Egg" and read the true story of hackers back in the '80s cracking into military systems from east Germany you'll understand that we are attacked all the time. The book is a great read btw...

RedDogBear

678 Fans

02:06 PM on 09/13/2011

I would bet that the NSA could already hack into your home network if they really wanted to.

02:42 PM on 09/13/2011

I'm sure they could, but it would take a lot of computer resources to crack a "pass-phrase". (WPA2) I'm just not that important... ;-)

There are More Comments on this Thread. Click Here To See them All

Unca Allen

Tyranny will rise when you do nothing

1664 Fans

04:56 PM on 09/12/2011

Al-qaeda and the unstoppable drug cartels use couriers for ulta sensitive information. We might take a page from the books of crooks.

This user has chosen to opt out of the Badges program

OneFish

Various and assorted mutualistic microbial buddies

311 Fans

06:11 PM on 09/12/2011

I'm sure we do, for things that actually matter.

03:09 PM on 09/13/2011

Virtually all the stories you read about hackers breaking into government and military computers are blown way out of proportion. The DoD has very well defined hardware, software, and policy standards defined for data that is truly secret. The stuff that people hack into is almost never any truly sensitive data. More like old powerpoint slides and reports that no one probably read in the first place. IMO the reason this isn't brought up is that there is a whole new branch of the military industrial complex hoping to scare us into more massive funding to defend against threats that aren't really there.

Americans will spend billions on anything that is related to "security" but nothing on things like schools, healthcare, etc. which could save and improve quality of life infinitely more.

intotheabyss

Imperialism is a form of insanity.

764 Fans

Are we supposed to infer from this article that the US doesn't try to hack into other countries computer systems or that rival businesses don't? Seriously? Are we supposed to be that naive?

1776 or 1984

IT'S AN EMPIRE, NOT A REPUBLIC!

846 Fans

04:37 PM on 09/12/2011

For every Chinese or teenager "attacking" US computers I'm sure there is 100 "attacks" first going the other way. And you can be dang sure that eventually they want to know everything we are typing anywhere, anytime, etc. in the name of protecting us.

04:57 PM on 09/12/2011

Yup.

03:10 PM on 09/13/2011

I agree. I also think that most of the attacks coming this way ARE just teen agers or more or less harmless nerds but there is no money to be made by saying that.