Breached: Cyber attackers waging war on our nation’s most sensitive information
By Tina Williams, CHHS Research Assistant
Millions of Facebook and Twitter members know how easy it is to get insight into people’s private lives. And most of us can quickly spot a spam or scam e-mail. But most of us DON’T know how determined cyber attackers can be to get private and sensitive information. It’s not just individuals or companies targeted in cyberspace; the United States government is a prime target. The stakes have been raised. Cyber attacks aren’t just about the thrill or financial gain. Some adversaries are after military intelligence in order to gain a strategic advantage in war – both those currently being waged, and those rumored.
Government Executive, in conjunction with ArcSight®, published a recent report about the 10 biggest U.S. federal breaches ever. The list includes WikiLeaks, Veteran Affairs, RSA-Lockheed, Operation Buckshot Yankee, Stuxnet, Attacks on National Laboratories, Senate Hacked, Drone Intercepts, FAA Intrusion, and Pentagon Files. What you will notice in reading this report is that the earliest date of these ‘biggest ever breaches’ is 2006, and the most recent listed is July 2011. The history of cyberspace obviously pre-dates 2006, so this shows cyber attackers are only increasing their ability to implement breaches at the highest levels.
In a recent Foreign Affairs publication, U.S. Deputy Secretary of Defense, William J. Lynn III, plainly conveyed that cyberspace is a new domain of warfare, adding to land, sea, air, and space, which the U.S. needs to defend. In the article, Deputy Secretary Lynn goes on to layout the framework for the Pentagon’s cyber strategy. A critical piece of this strategy is the creation of the U.S. Cyber Command, headed by General Keith B. Alexander, and located in Fort Meade, Maryland. According to Deputy Secretary Lynn, the Command is intended to serve three purposes:
1. “Lead the day-to-day protection of all defense networks and support military and counter-terrorism missions with operations in cyberspace”;
2. “Provide a clear and accountable way to marshal cyber-warfare resources from across the military”;
3. “Work with a variety of partners inside and outside the U.S. government.”
What is important to note, as this article does, is that breaches of federal systems are not the only ones that have national security and warfare implications; much of our U.S. critical infrastructure is owned and operated by private industries, and a breach of this infrastructure has serious implications domestically, and on foreign soil. Suffice it to say, cyberspace is not quite Kansas anymore, if it ever was, and as for cybersecurity awareness, this is not a game. The intent of this article though, is not to scare you, but rather to raise your awareness. If you are employed by the federal government, or any corporate entity, or even if you just use the Internet for your own personal purposes, you play a part in keeping cyberspace safer. In fact, here’s a pledge you can read and sign to solidify your commitment to keeping cyberspace a safer place: (link no longer available)