CyberSecurity Promises. Again.

By Rachel Ehrenfeld
Monday, May 18th, 2015 @ 12:13AM

Facebooktwittergoogle_pluslinkedinmailFacebooktwittergoogle_pluslinkedinmail
Print Friendly, PDF & Email

Right: Hackers who claim to be affiliated with the Islamic State group released a video threatening “electronic war” on the United States and Europe, Monday, May 11, 2015. Youtube —  

Concluding the Camp David Gulf Cooperation summit, President Obama promised to help secure the Gulf States from cyber attacks by Iran and ISIS.  He announced that a working group will be formed to “consider methods to better secure their military and critical infrastructure networks “against potential terrorist-launched cyberattacks” The U.S. would also help setting the Gulf States to up to creating  “national policy workshops, and improve information-sharing.”

Earlier this year, in his closing remarks of the Summit on Countering Violent Extremism, President Obama acknowledged al Qaeda’s and ISIS expert-use of the Internet to recruit “young people online, in cyberspace.”

His concern  may sound reassuring only if one was unaware that the U.S. government is failing to counter ISIS social media campaigns at home, and more troubling is the failure to adequately secure its own military, critical infrastructure, communication, transportation and financial institutions from cyberattacks.

Public warnings about U.S. vulnerability to cyber attacks are not new. Popular Mechanics’ April 2009 cover story asked “How Vulnerable is U.S. Infrastructure to a Major Cyber Attack?”

The article warned that computer hacking “could use the very computer systems that keep America’s infrastructure running to bring down key utilities and industries, from railroads to natural gas pipelines. “ Since then the threat to and attacks on all our electronic systems and devices has only increased.

Vice Chairman of the Joint Chiefs of Staff Adm. James Winnefeld Jr. warned on May 14, “We’re hemorrhaging information at a dizzying rate, evidenced by the uncanny similarity of some of our potential adversaries’ new platforms to those we’ve been developing.”  Tellingly, this remark was made at a West Point cyber conference on the same day Obama was declaring his promise to help the GCC “is not just a photo-op.”

But as evidenced by growing cyberattacks on American interests at home and abroad, the U.S. has not managed to secure its cyberspace, Moreover, very little, if any, is done to develop active cyber defenses.

According to a GAO, government agencies are not doing a very good job of responding to cyberattacks. And Cyber experts in different meetings in the U.S. since the beginning of this year “criticized the lack of security information sharing at several federal agencies and encouraged the government to provide more intelligence to the private sector.

In addition to intelligence and law enforcement warnings, Securities and Exchange Commission Chairman Mary Jo White, also noted last week her concern that cyberattacks represent the “biggest systemic risk” facing the U.S, ”and that government officials may not be tackling the range of cyber vulnerabilities in an optimal manner.

Indeed, Iranian, Russian and North Korean hacking of financial institutions, as well as government systems seem to occur over a long period of time before they are discovered.  Private industries are reluctant to publicly admit the attacks and the government discloses what it must.

Iranian and ISIS cyber threats should worry not only the Gulf States.

While a few ISIS leaders have been killed, the number of their Western-educated and trained cyber expert supporters is growing. They  already declared that their successful social media campaigns were just appetizers for their Cyber Jihad.

At the Camp David Gulf Cooperation summit, President Obama promised to help secure the Gulf States from cyber attacks by Iran and ISIS.

He announced that a working group will be formed to “consider methods to better secure their military and critical infrastructure networks “against potential terrorist-launched cyberattacks” The U.S. would also help setting the Gulf States to up to creating  “national policy workshops, and improve information-sharing.”

Earlier this year, in his closing remarks of the Summit on Countering Violent Extremism, President Obama acknowledged al Qaeda’s and ISIS expert-use of the Internet to recruit “young people online, in cyberspace.”

His concern  may sound reassuring only if one was unaware that the U.S. government is failing to counter ISIS social media campaigns at home, and more troubling is the failure to adequately secure its own military, critical infrastructure, communication, transportation and financial institutions from cyberattacks.

Public warnings about U.S. vulnerability to cyber attacks are not new. Popular Mechanics’ April 2009 cover story asked “How Vulnerable is U.S. Infrastructure to a Major Cyber Attack?”

The article warned that computer hacking “could use the very computer systems that keep America’s infrastructure running to bring down key utilities and industries, from railroads to natural gas pipelines.” Since then the threat to and attacks on all our electronic systems and devices has only increased.

Vice Chairman of the Joint Chiefs of Staff Adm. James Winnefeld Jr. warned on May 14, “We’re hemorrhaging information at a dizzying rate, evidenced by the uncanny similarity of some of our potential adversaries’ new platforms to those we’ve been developing.”  Tellingly, this remark was made at a West Point cyber conference on the same day Obama was declaring his promise to help the GCC “is not just a photo-op.”

But as evidenced by growing cyberattacks on American interests at home and abroad, the U.S. has not managed to secure its cyberspace, Moreover, very little, if any, is done to develop active cyber defenses.

According to a GAO, government agencies are not doing a very good job of responding to cyberattacks. And Cyber experts in different meetings in the U.S. since the beginning of this year “criticized the lack of security information sharing at several federal agencies and encouraged the government to provide more intelligence to the private sector.

In addition to intelligence and law enforcement warnings, Securities and Exchange Commission Chairman Mary Jo White, also noted last week her concern that cyberattacks represent the “biggest systemic risk” facing the U.S, ”and that government officials may not be tackling the range of cyber vulnerabilities in an optimal manner.

Indeed, Iranian, Russian and North Korean hacking of financial institutions, as well as government systems seem to occur over a long period of time before they are discovered.  Private industries are reluctant to publicly admit the attacks and the government discloses what it must.

Iranian and ISIS cyber threats should worry not only the Gulf States.

While a few ISIS leaders have been killed, the number of their Western-educated and trained cyber expert supporters is growing. They  already declared that their successful social media campaigns were just appetizers for their Cyber Jihad.

As for Iran, the falling sanctions and financial “bonuses” for agreeing to humor Obama and negotiate an agreement will allow them to develop nuclear weapons will no doubt be used to also increase its cyber weapons capability, especially against the ill-prepared U.S. and the Gulf States.

 

FOLLOW US
Facebooktwittergoogle_pluslinkedinyoutubeFacebooktwittergoogle_pluslinkedinyoutube


Categories: China, Cyber, Cyber security, CyberAttacks, GCC, Iran, ISIS, ISIS/IS, Islamist, Jihad, Latest News, Russia, SCC, U.S. Policy, UAE