Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
The New Cyber Threat

The New Cyber Threat

Ratings: (0)|Views: 53 |Likes:
Published by Chi-Chu Tschang

More info:

Published by: Chi-Chu Tschang on Nov 07, 2010
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

11/07/2010

pdf

text

original

 
032
 
the newcyberthreat
   R   o   b   e   R   t   L   L   e   w   e   L   L   y   n   /   J   u   p   i   t   e   R   i   m   a   g   e   s
033
in depth
By Bra Grow, K es, a C-Cu tscag
illusraos by Joao Ros
how sa ar our scrs? Mor a morra ros ar brakg o Amrca’smos ssv comur works
The e-mail message addressed to a Booz Allen Hamilton execu-tive was mundane—a list sent over by the Pentagon o weaponryon order by India. But the missive turned out to be a brilliantake. Lurking beneath the description o aircrat, engines,and radar equipment was an insidious piece o computer codeknown as “Poison Ivy” designed to suck sensitive and classifeddata out o the $4 billion consulting frm’s computer network.
It turns out the Pentagon hadn’t sent the e-mail at all—the ma-licious code was launched rom network servers in a nondescriptbuilding on the banks o China’s Yangtze River. Whoever authoredthe e-mail knew enough about the sender and recipient to cra amessage that was unlikely to arouse suspicion. Had the Booz Allenexecutive clicked on the attachment, the ull orce o the virus wouldhave been unleashed and his every keystroke reported back to a mys-terious master at the Internet address cybersyndrome.3222.org.The U.S. government, and its sprawl o deense contractors, havebeen the target o an unprecedented rash o similar cyberattacksover the last two years. “It’s espionage on a massive scale,” says PaulB. Kurtz, a ormer high-ranking national security ocial. Govern-ment agencies reported 12,986 cybersecurity incidents to the U.S.
APRIL 21, 2008
I
BUSineSSWeeK
 
the U.S. government on the overhaul o its computer securitystrategy. “Now they’re saying, ‘Oh, s--t.’”Adding to Washington’s anxiety, U.S. intelligence oi-cials say many o the new attackers are trained proession-als backed by oreign governments. “The new breed o threatthat has evolved is nation-state-sponsored stu,” says AmitYoran, a ormer director o Homeland Security’s NationalCyber Security Div. Adds one o the nation’s most senior mil-itary ocers: “We’ve got to gure out how to get at it beoreour regrets exceed our ability to react.The military and intelligence communities have ngered the
   V   e   e   R
034
BUSineSSWeeK
I
APRIL 21, 2008
Homeland Security Dept. last scal year,triple the number rom two years earlier.Incursions on the military’s networks wereup 55% last year, says Lieutenant GeneralCharles E. Croom, head o the Pentagon’sJoint Task Force or Global Network Op-erations. Private rms like Booz Allen arejust as vulnerable—and pose just as muchsecurity risk. “They have our inormationon their networks. They’re building ourweapon systems. You wouldn’t want that inenemy hands,” Croom says. Cyberattackers“are not denying, disrupting, or destroy-ing operations—yet. But that doesn’t meanthey don’t have the capability.
shutting down ports
When the deluge began in 2006, ocialsscurried to come up with soware “patch-es,” “wraps,” and other bits o triage. Theeort got serious last summer when topmilitary brass quietly summoned the chie executives or their representatives romthe 20 largest U.S. deense contracts tothe Pentagon or a “threat brieng.” Sincethen,
 BusinessWeek
has learned, the U.S.government has launched a classied op-eration called Byzantine Foothold to detect,track, and disarm intrusions on the government’s most criti-cal networks. And President George W. Bush on Jan. 8 quietlysigned an order to overhaul U.S. cyberdeenses, establishing12 distinct goals, according to people brieed on its contents.One goal in particular illustrates the urgency and scope o the problem: By June all government agencies must cut thenumber o tiny communication channels, or ports, throughwhich their networks connect to the Internet rom more than4,000 to ewer than 100. On Apr. 9, Homeland Security Dept.Secretary Michael Cherto called the President’s order a cy-bersecurity “Manhattan Project.” First, he said, the U.S. must“get our own house in order.But many security experts worry theInternet has become too unwieldy to betamed. New viruses appear every day, eachseemingly more sophisticated than the pre-vious one. The Deense Dept., whose Ad-vanced Research Projects Agency (DARPA)developed the Internet in the 1960s, is be-ginning to think it created a monster. “Youdon’t need an Army, a Navy, an Air Forceto beat the U.S.,” says General William T.Lord, commander o the Air Force CyberCommand, a unit ormed in October, 2006,to upgrade Air Force computer deenses.“You can be a peer orce or the price o thePC on my desk.” Military ocials have longbelieved that “it’s cheaper, and we kill stu aster, when we use the Internet to enablehigh-tech warare,” says a top adviser to
an eVOLVInG threat
Major aacks o  U.S. govrm as usry ovr  yars
SOLar SunrISe
Fa, 1998.
Ar Forc a navycomurs ar  by malcous coa s ou a ol  Su Mcro-sysms’ Solars orag sysm,ac s ow ry o— og. Som aacks arrou roug  U Arabemras wl  U.S. s rargor mlary aco  iraq. turs ou aacks wr lauc by woagrs  Clovral, Cal., aa isral accomlc wo callmsl  “Aalyzr.
MOOnLIGht Maze
Mac, 1998,  1999.
A-ackrs us scrs o ga accsso Wb ss a  ds d.,nASA,  ergy d., a wa-os labs across  coury. Largacks o uclassf aa arsol. “A ms,   o [or aa] was s Russa,” says asourc amlar w  vsga-o. t sosor o  aack asvr b f. t Russagovrm  ay volv-m.
D:
BusinessWeek 
 

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->