The head of America’s federal police has reinforced fears of war in cyberspace (see last month’s NetGuide, page 14), saying that the cyber terrorism threat is real, and it is rapidly expanding.
FBI Director Robert S. Mueller, addressing security professionals at the RSA Conference in San Francisco, said enforcement agencies worldwide are aware of the risks to national security posed by hackers with a political/terror agenda.
“Terrorists have shown a clear interest in pursuing hacking skills,” he said. “And they will either train their own recruits or hire outsiders, with an eye toward combining physical attacks with cyber attacks.
“In the past 10 years, al Qaeda’s online presence has become as potent as its physical presence. Extremists are not limiting their use of the Internet to recruitment or radicalisation; they are using it to incite terrorism. Thousands of extremist Web sites promote violence to a ready and a willing audience. They are posting videos on how to build backpack bombs and bio-weapons. They are using social networking to link terrorist plotters and plans.
“Of course, the Internet is not only used to plan and execute attacks; it is a target in and of itself. Usama bin Laden long ago identified cyberspace as a means to damage both our economy and our psyche – and countless extremists have taken this to heart.”
Mueller cited denial-of-service attacks which defaced numerous Web sites, including the US Congress’ site following President Obama’s State of the Union speech, as examples of how hacking “for publicity or impact” is being used increasingly. Similar attacks in Estonia in 2007 and Georgia in 2008 (widely blamed on Russian activists) caused widespread disruption to public utilities.
“Espionage once pitted spy versus spy, country against country,” he said. “Today, our adversaries sit on fibre optic cables and wi-fi networks, unknown and undetected. They may be nation-state actors or mercenaries for hire, rogue hackers or transnational criminal syndicates. These hackers actively target our government networks. They seek our technology, our intelligence and our intellectual property, even our military weapons and strategies. In short, they have everything to gain, and we have a great deal to lose.
“The solution does not rest solely with better ways to detect and block intrusion attempts. We are playing the cyber equivalent of cat and mouse, and, unfortunately, the mouse seems to be one step ahead.
“Together, we must continue to work toward an international standard for cyber crime. And we must continue to press forward, country by country, and company by company.
“No one country, company, or agency can stop cyber crime. A ‘bar the windows and bolt the doors’ mentality will not ensure our collective safety. Fortresses will not hold forever; walls will one day fall down. We must start at the source; we must find those responsible.”