Wednesday, August 24, 2011

BlackHat 2011: Cyberwar is Coming
- Ex-CIA Official Warns Black Hat 2011 Attendees

Former U.S. counter-terrorism official Cofer Black, who warned of 9/11 terrorist attacks, raised the alarm earlier this month during his Black Hat 2011 keynote that cyberwar is an imminent threat.

Cyber warfare has been raised as a significant concern by US intelligence and former officials for some time, including concerns about potential tampering with IT supply chains. Most view the US as leading in offensive capabilities, with others catching up. Turnabout is fair game. Beyond the obvious appeal and resonance this official’s message has with the Black Hat community and the media coverage it attracts, some related points can be made:

  • Stuxnet is the most significant example of a cyber attack against another nation state’s critical infrastructure since the Russian gas pipeline explosion in June 1982. In the June 1982 attack, a CIA operation was launched that embedded a Trojan horse in gas pipeline regulator software the CIA knew would be stolen by the Russians. The Russians did indeed steal the software and used it in a production gas line in Siberia. The Trojan horse corrupted the gas pipeline regulation, which resulted in a massive explosion, initially thought to be nuclear until later evidence showed this wasn’t the case. The incident was classified, then later released and infamously documented in the Farewell Dossier. The KGB at the time said the blast was accidental. (Source: Defending Against Stuxnet Type Threats – Invincea blog)
  • Government officials fear that foreign powers could surreptitiously design something into a component or printed circuit board that would end up in a piece of equipment used by the government. "Maliciously tampered ICs cannot be patched," retired General Wesley Clark said in 2009. "They are the ultimate sleeper cell."
  • Many are very skeptical that a huge US electronic 9/11 or Pearl Harbor event is imminent – a view I share. All advanced militaries have cyberattack capabilities, including EMP strike options against information technology based systems. We can expect significant nation state sponsored cyber incursions to continue, often for information gathering purposes. This may not be a true “war”, but that doesn't mean we aren't losing.