RSA: Security Expert Says U.S. Is Already Engaged In Cyber War

Kicking off his presentation, Scott Borg director and chief economist from the U.S. Cyber Consequence Unit, an independent research institute, told an audience of IT security professionals during an RSA Conference session Thursday said that the 9/11 Report was called an "epic failure of imagination," in part because it failed acknowledge the current state of cyber warfare in the U.S.

"I've been struck by a disconnect between what policy makers are saying and the world that I and my colleagues live in," he said.

Borg said that the implications of this disconnect are huge, and not adequately being recognized, in large part because cyber warfare doesn't fit traditional, decades-old criteria for war, such as immediacy, severity, invasiveness, and didn't apply to current definitions of modern warfare, he said.

"If you go through a list of cyber attacks, none of those categories really worked," he said. "You can design a cyber attack that can weave its way around that criteria and do as much damage as you want."

There have been 20 major cyber campaigns launched since 1998, averaging several each year for the last decade, Borg said, referring to the 2008 cyber attacks against Georgia as an emblematic example of what might be yet to come.

"This will be our model of attacks in the future," he said. "You're not hearing them being taken into account." While Georgian and Russian hackers stopped short of attacking critical infrastructure, Borg said that those kinds of severe attacks could be imminent if future international conflicts were to escalate.

"We now face the prospect of regional cyber wars that could spread," he said. "If they escalate maybe people will not hold back from attacking critical infrastructure."

In addition to geo-political implications, cyberwarfare could have significant and far-reaching impact on multi-national industry, the presenters said.

Borg said that the implications of future attacks -- even those that occur outside U.S. borders -- also have tremendous commercial significance due to the fact that supply chains are global.

"Regional supply chains could disrupt global supply chains," he said. "Dependencies are now enormous for the business community. They increasingly need to start having contingency plans for this."

Meanwhile, hackers are continually refining cyber and industrial espionage techniques to infiltrate the networks of multinational companies, much like the recent Operation Aurora attack on Google, Intel, Adobe and others, in an attempt to steal schematics and disrupt or completely halt production, he said.

"The business information that can be stolen goes way beyond trade secrets," he said.

During the RSA discussion, Amit Yoran, CEO of NetWitness Corp. who was co-presenting with Borg, said that for the most part, the U.S. is dramatically underequipped to deal with the problem.

"SIM-like technologies are not capable," he said. "We don't have the signatures. We don't understand zero-day exploits," he said, while calling for more government transparency in addition to criticizing the U.S. government for its failure to address the cyber issue with direct action.

"The way government has traditionally approached the cyber issue is to do as little as possible," Yoran said. "Perhaps raise awareness but not engage directly."