Google cyber attacks a 'wake-up' call for US, intel chief says
Director of National Intelligence Dennis Blair warns that the US could face a crippling cyber attack, as cyber threats grow in scope and sophistication.
(Page 2 of 2)
"Many [of the most sophisticated attackers] have the capabilities to target elements of the US information infrastructure for intelligence collection, intellectual property theft, or disruption," Blair said.Skip to next paragraph
Subscribe Today to the Monitor
Countries see repeated cyberattacks
More than half of the 600 IT managers operating critical infrastructure in 14 countries reported being recently hit by "high-level" adversaries such as organized crime, terrorists or nation states, according to a new global survey of information technology executives by the Center for Strategic and International Studies in Washington late last month.
A majority of the group hit, 59 percent, said they thought their computer networks and controls systems were under "repeated cyberattack, often from high-level adversaries like foreign nation-states."
Blair's comments might be news to the Senate, but cybersecurity experts face these threats daily. The "persistent" threat he referred to, for instance, is known widely as the "Advanced Persistent Threat" or APT within the security community. It's also shorthand for state-sponsored "foreign intelligence" operations and sometimes just "China."
"These are not ‘slash-and-grab jobs’,” says Rob Lee, a director at Mandiant, a leading cyber security firm. "The goal of the intruder is to occupy the network. These are professionals, not people doing this at night. This is someone's full-time job from the initial breach to lateral movement across the network, the actual occupation, then the exfiltration of data - there are clear lines of responsibility between different actors going on."
Is China to blame?
According to Mr. Lee and other experts, the common thread in the APT is connected to China. Among 40-45 very sophisticated attacks in the past year, about two-thirds were “China related,” he said.
Shawn Carpenter, principal forensics analyst at NetWitness Corporation, concurs. He says that in a number of cases he has traced malware code back to Chinese hacker sites and to Chinese character sets in software compilers used to create the code. "You can put together some pretty compelling links that trace their way back to China," he says.
Follow us on Twitter.