U.S. CyberSpace Vulnerabilities
By Rachel Ehrenfeld
Tuesday, May 20th, 2014 @ 4:54AM
Cisco Systems’ CEO John Chambers’s letter asking President Obama to personally intervene to stop the National Security Agency from intercepting and planting surveillance software in the company’s equipment before it is shipped to customers around the world is likely to further curtail the agency’s spying capabilities.
This letter overshadowed the news of charges against Chinese military hackers who will never be brought to justice in the U.S. The indictments will do nothing to increase the U.S. cybersecurity. On the contrary, together with Chambers’s letter they are likely to be used to incite more attacks on U.S. cyberspace.
While there is a growing concern about the cyber hacking and theft of immeasurable quantities of intellectual property harming our economy, we also face growing threats of purposeful interferences such as spoofing or jamming to our communication systems and devices dependent upon the U.S. Global Positioning System. Yet, a large number of radio frequency jamming devices are advertised and sold in the U.S. despite the 1934 Communications Act that strictly forbids the manufacturing, marketing and importation of jamming devices into the U.S. Apparently, the Federal Communications Commission’s enforcement efforts are not enough to curtail this problem.
Moreover, there is little, if any, public concern regarding possible interference with Coordinated Universal Time (UTC), which provides the essential synchronization critical to every large or small digital system and device that our critical infrastructures have become dependent upon.
The rapid pace at which cyber-related architectures and wireless technologies are evolving and integrating makes us more efficient and more vulnerable at the same time. Our military services , for example, have grown increasingly reliant upon vulnerable terrestrial and space-based wireless technologies, increasing the risk to our nation’s military logistics and actual war fighting abilities.
The National Institute of Science and Technology (NIST), at the Department of Commerce, is the federal agency in charge of communicating UTC to critical systems and all other networks. Earlier this month, NIST released the latest draft of its Guide to Industrial Control Systems (ICS) Security, seeking public comments.
Indeed, well-defined standards governing cyber-defense methodologies, whether mandated or voluntary, would greatly simplify today’s confusing muddle. For example, while there is worry about the vulnerability of the electric grid and communication systems, we are slow to put in place dedicated, individual systems and backup, as well as the most advanced communication security applications, such as physics-based Quantum Cryptology, which was developed by scientists at Los Alamos National Laboratory.
STRATCOM leads the Purposeful Interference Response Team as the only U.S. government multi-agency coordination body for cases of suspected purposeful interference with space systems of federal interest. Because purposeful interference can pose an existential risk to our military preparedness and operations, as well as our civilian critical infrastructure — communication, first responders, transportation, finance and more, there is an immediate need for Congress to demand an assessment of the nation’s current abilities to identify, assess, and remedy purposeful interference events, which are likely to increase as the NSA’s capabilities are likely to be curtailed.