Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
Editor's Blog and Industry Comments

US cyber attack demonstrates ineffective preventive measures

03 June, 2013
Tripwire experts comment on the recent cyber attack on US weapon designs that could have compromised the country's national security


The USA suffered a major breach last week as hackers from China gained access to system designs for weapons such as the Patriot PAC-3 missile. It wasn't just land systems that were spied upon but also air based systems with plans for the Black Hawk helicopter being compromised as well as the Littoral Combat ship, America's coastal defence trump card.



Although US authorities are being careful to play down the potential consequences of the breach, this is nonetheless a massive embarrassment to the state which pledged huge sums of money to counter the growing cyber threat, especially from other nations.



Security company TripWire has commented on the attack with its Chief Technology Officer, Dwayne Melancon saying:



”The report identifies the problem, but the recommendations still sound a lot like "We're developing a plan for a plan," which means the gap between attacker and defender capabilities will continue to widen. If this is the case, more critical data will be stolen and we won’t be able to do anything about it.



The attacks are obviously a concern, but the bigger issue is the ineffectiveness of the efforts thus far.  In the report, the DoD says their 'numerous' efforts are fragmented and unaligned.  As a result, they've declared that they are not prepared to defend against this threat.  



The report also states that the use of attack tools downloaded from the Internet is 'very successful' at defeating the DoD's systems, and 'it will take years for the Department to build an effective response…'  The only way to interpret this statement is that DoD’s approach to cyber security is fundamentally broken.



Structure and process can be effective cyber security tools, but the reality is that cyber attackers are extremely adaptable and nimble so a rigid approach to defense gets in the way.  The key challenge for the U.S. will be "re-imagining" how we approach this battle so that we can create a much more resilient and aware set of cyber security capabilities.”



TripWire's Director of Security Operations, Andrew Storms, puts the attack into the context of modern methods of spying:



“Espionage is espionage, it’s always been a feature of international politics and it always will be.  The problem is that today’s ‘secret agents’ don’t have a face and they don’t need physical access to the information they are trying to steal.



Obviously, having the secret details of your most advanced weapons systems exfiltrated is a serious indictment of our national cyber security program.”


Bookmark and Share