Home » News » Around the Globe » Enough With the Warnings!

Enough With the Warnings!

by John Reed on November 22, 2010

By Kevin Coleman – DefenseTech Cyber Warfare Correspondent

Last week Defense Secretary Robert Gates warned that the future holds a major threat from cyber technologies that will require civil and military coordination to shield American networks from attack. He went on to add, “that’s just the reality that we all face.”  

Enough with the warnings, it is well past time for action. The U.S. has a habit of waiting until something happens to take action. Gates and other military and intelligence leaders, past and present, have all talked about working with the private sector to address this growing threat. The price tag is high. One estimate put the cost of protecting our critical infrastructure (repair and / or replace) at $60 billion over a 5 year period. Given the current attitude of business leaders, the private sector will NOT spend this kind of cash any time soon. 

The cyber attack reviews and analysis that go on behind closed doors are chilling to say the least. Given these details are not public, critics are quick to point out the lack of ‘evidence’ of cyber hostilities. Other are concerned about the trouncing our civil liberties in the process of securing our critical systems and cyber space. We need to keep in mind that the threats from cyber space are far too significant and potentially damaging for the traditional sit and wait attitude.

Share |

{ 28 comments… read them below or add one }

Jeff Fraser November 22, 2010 at 12:08 pm

The need to act is undeniable. We may be able to blow China out of the water in the physical world, but that won't matter if they can cripple us through cyberspace. I'm no expert on this sort of thing, but there's got to a way to seal off our critical infrastructure from the rest of the world.

Reply

Bob November 22, 2010 at 1:22 pm

We will not act because to do so might involve offending someone -somewhere. It just isn't politically correct, and it is very important for our decision makers to appear to be PC.

Reply

Jacob November 22, 2010 at 5:29 pm

Offending who? And since when does political correctness mean that you can't act on national security?

Reply

Jeff November 22, 2010 at 8:58 pm

Ask Washington, Jacob. I believe I'm correct in saying we've halted sales of military hardware to Taiwan just because China bared its teeth on a few occasions.

Reply

Mufasa November 23, 2010 at 11:27 pm

Don't conflate being "PC" with prioritizing certain foreign relations objectives. Making concessions to China has nothing to do with trying to get you to stop calling black people "coloreds". Stop trying to fit everything into your shallow culture warrior narrative. It's not a good model for reality.

Reply

blight November 22, 2010 at 1:51 pm

I think the US will be one of the first people to use cyberwarfare offensively. Americans love death-free, risk-free means of attacking our enemies: look at the drone strikes. No American coffins. If cyberattacks can hit our enemies no matter what country they're in America may well develop a potent capability and use it frequently, taking advantage of the "early days" of cyberwarfare before rules and international this-and-thats muck you down. Hell, they might be doing it already…

Reply

Michael November 22, 2010 at 2:01 pm

I wonder if we'll ever see something of substance done about this. Much like with UFO's, I want to believe…I want to believe the government will do something before it's too late. But on the other hand, why should I think anything will change. Listen…I can hear the sound of draaaaaging feeeeet.

Reply

Capable Mariner November 22, 2010 at 4:02 pm

Enough with the alarmist attitude that we aren't doing anything! Would you like Secretary Gates to give you complete details on our plan of defense/and or attack. Would you like him to make some pronouncement that we are completly capable of withstanding any attack? No one can make that claim.

Reply

Insomniac November 22, 2010 at 4:38 pm

"The U.S. has a habit of waiting until something happens to take action."

Yes, America is full of procrastinators.

Reply

Tim November 22, 2010 at 4:41 pm

Your kidding me right ? I guarantee the NSA and GCHQ in the Uk are

causing mayhem for the Chinese and Russian scumbags in the cyber world .

My main concern is why there us any need for the military networks to be connected to the worldwide web ? This goes for all major infrastructure nodes . Why the hell are the crucial operating systems of our power grids hooked upto the Internet ?

Reply

Jacob November 22, 2010 at 5:31 pm

Well, disconnecting your infrastructure from the web is probably irrelevant now that Stuxnet has shown us it can spread through flash drives….

Reply

Charles November 22, 2010 at 6:23 pm

Cost.

It is massively expensive to create a new connection from point A to point B. Creating a new connection involves renting pole or conduit space (if it is available; otherwise right of ways must be acquired and poles or conduit installed), purchase of transmission signal boosters, and purchase of signal conductor itself. Then all those items must be maintained for the life of the connection.

By routing the needed connection through the Internet the above cost of creating a connection from A to B is spread out over everyone who is trying to communicate with points near A and B.

Given that we use competition driven market any commercial ventures will be optimized for minimum costs. Thus a commercial venture will transmit pretty much all of its communications through the Internet.

That is why crucial systems that are controlled by commercial entities transmit through the internet.

Reply

Christopher Bloom November 22, 2010 at 5:54 pm

Tim the reason the Military and Civilian infrastructure in the US is interconnected is because it Runs on the same networks meaning the Phone lines Fiber optics and Satellites. Their is a law that requires the military/Gov to use civilian companies for a lot of its infrastructure services like communications accept for a few narrowly defined situations.

Meaning the Army or Air force can assemble, install, and maintain, or operate its own Fiber optic cables connecting it's Air basses and Army basses in the US they are required to use Civilian assets for this service leaving them vulnerable.

Reply

Charles November 22, 2010 at 6:37 pm

Military or other government organizations can and do have civilian companies install dedicated and direct point to point communication links. These links are identical in all aspects including security as links installed and maintained by the government entity itself.

Reply

Christopher Bloom November 22, 2010 at 5:56 pm

I meant Can't Assemble, install, and maintain, or operate.

Reply

Hunter78 November 22, 2010 at 7:08 pm

Any system running Windows is totally open. I don't have any great secrets to keep, so I run Windows.

Reply

Oblat November 23, 2010 at 12:48 am

>The cyber attack reviews and analysis that go on behind closed doors are chilling to say the least.

Yea bunch of clueless consultants telling each other made up nonsense.

The desperation of the cyberwar consultants as the DoD cash cow evaporates is palpable. And it turns out that all those Washington lunches that Kevin was bragging about weren't enough to hook a contract.

Like every bunch of new boys who arrive in Washington, they find out sooner or later that the game has been going on for decades and they are out in the cold.

Reply

Jonathan November 23, 2010 at 7:28 am

How could securing the internet cost 60 billion dollars?
There is no way it could cost that much.

Rhode Island operates on only 5 billion a year. So it would cost 30 times more to secure the internet then it does to run an entire state?

Typical government.

Reply

Jonathan November 23, 2010 at 7:29 am

Whoops I meant 12 times as much. Im as good as math as the government is apparently.

Reply

Mahabala November 23, 2010 at 11:14 am

When discussing the cost of completely severing the critical information systems from comercial lines, you are looking at the cost of procuring routers, signal boosters for long distance traffic. and the installation of the lines to actually connect those pieces of equipment. All of which can't be done with out a time consuming civillian contract bidding process and review by an outside agency hired by the people in charge cause they don't understand any words on the bid over 4 letters.

Thats why $60B is an understatement.

Reply

Jonathan November 23, 2010 at 12:24 pm

What is putting critical information on seperate lines going to do to make it any more secure?

The private lines can be "tapped" into in the same ways as the ones now can.

Since to actually control or sniff the current system, you have to tap into the lines themselves at certain places.

Its just going to mean China has to dig a hole in a different spot then they do now.

Feel free to enlighten me differently

Reply

Jonathan November 23, 2010 at 12:26 pm

If we cant secure our borders, how are we going to secure thousands of miles of this private fiber optic network?

Reply

Jonathan November 23, 2010 at 12:38 pm

Maybe like a robot that crawls along the pipe with the fiber optics in it looking for chinese/russian bugs.

The only connections into the line are at military bases?

But isnt the whole thing easily sabotaged by like a satchel charge.

Wouldnt the current system be more redundant since it has connections all over the place and not so easily sabotaged?

Either way this idea sounds like a waste of money.

Christopher Bloom November 23, 2010 at 2:17 pm

Every thing I have heard China and any other hostile power dose not have to physically tap the line they can access those server and power plants from Main land China/Russian/NK/Tehran.

They can lay their engined of destruction Via remote on the other side of the world.

Reply

Landry Parks March 13, 2013 at 4:27 am

This just doesn't make sense. Hackers are coursing through the fiber optic cables, attacking websites at their leisure so what more could the US waiting for? They should just stop the debates, wake up, and smell the coffee. Cyber threats are real. Taking a reactive stance on cyber defense is just asking for trouble.

Reply

Dong September 27, 2014 at 4:18 am

It’s great to see this useful post on dog training.
I have a question however. How do you work with an older dog?

Reply

Jonathan November 23, 2010 at 12:56 pm

I can live the rest of my life on 1 million dollars. I am unemployed and have never made more then 100,000 in my entire lifetime.

Yet

We want to spend 60 billion snaking fiber optics all over to connect our Military with this supposed "elegant" private network us mere mortals couldnt understand or defeat? YEAH RIGHT. Nevermind an organized foreign army whom we would be at war with.

Sounds like a luxury we cant afford or accomplish. Not until they give me my million first.

Give me a million and I will tell you how to bring this network crashing down.

Ill even find it where you try to hide it.

Reply

Charles November 23, 2010 at 11:48 pm

The military already has its own secure networks which are probably as secure as anything can be and still be called a communication system. (Systems that nobody can interact with are by definition secure, but are also by definition useless.)

This article is talking about communication systems used by privately controlled critical systems like those that regulate the power grid. These systems all use the internet to intra-system communications. On the internet it is not necessary to tap into anything. Everyone is already connected to everyone else.

The current system is vastly more redundant then a secure alternative but redundancy and communication security are two different things. There are some forms of sabotage that can be protected against by either secure communications or redundancy. There are other forms of sabotage that can't be protected by redundancy and yet other forms of sabotage that can't be protected by secure communications.

Reply

Leave a Comment

Previous post:

Next post: