• The Heritage Network
    • Resize:
    • A
    • A
    • A
  • Donate
  • Morning Bell: Time for America to Get Cyber-Serious

    In the 1995 movie The Net, Sandra Bullock fights computer hackers attempting to cyber-sabotage her life. The hackers successfully change her identity, manipulate U.S. markets, and access the private personal data of U.S. officials. While the clunky looking computers, cell phones, and storyline in the movie are joked about today, cyber terrorism is a real—and much bigger—threat 16 years later.

    Protecting America is no longer just a matter of diplomacy and sending armed forces overseas to fight. In the past 10 years, national defense has become a multifaceted intelligence enterprise, requiring additional expertise against nuclear, cyber, and chemical threats from our enemies.

    Last week, the Pentagon announced that cyber attacks can now be declared an act of war, proving that these technological arenas are part of a 21st-century battlefield requiring a sharp, pre-emptive strategy and dedicated online soldiers.

    Case in point: Defense contractor Lockheed Martin publicized last weekend that it was the target of a major cyber attack. It reported no significant intelligence lost, but the case serves to remind us of the potential vulnerability of critical defense data.

    Last year’s WikiLeaks scandal also left everyone feeling susceptible to vital privacy intrusion, and though the U.S. has developed some cybersecurity strategies, we haven’t gone far enough.

    As retired army Lieutenant Colonel and current Representative Allen West (R–FL) said last week in an exclusive interview with The Heritage Foundation, “there are three levels of the battlefield: the strategic, the operational, and the tactical.”

    The United States has not mastered the levels in cyberspace or on the modern battlefield, as technology changes quickly and we often have an unclear objective or definitional enemy. No longer is national security relegated to protection from individual nations. Now, we are faced with anonymous individuals and small groups of non-state actors employing hard-to-predict strategies and difficult-to-locate origins.

    Heritage’s Paul Rosenzweig makes comparisons to the online and physical combat zones, asserting, “The methods for confronting these cyber insurgents will be different from those used to confront armed insurgents in the real world, but the principle should be the same.”

    The consequences of cyberwar are too dire for the United States to wait and learn from our mistakes. If we begin losing the cyberbattles frequently, it may mean the end of America as we know it. A country’s security data is a virtual weapon, and without it, we are defenseless.

    The FBI reported another cyber crime yesterday, announcing the shutdown of an Atlanta-based Web site that tracks cyber crime. These reports will become more frequent as cyber terrorists learn new skills. As Rosenzweig writes:

    The current capabilities of organized non-state actors in cyberspace are relatively modest.… This state of affairs is unlikely to hold for long.… [S]ignificant real-world effects can already be achieved by sophisticated cyber actors. It is only a matter of time until less sophisticated non-state actors achieve the same capability.

    And while congressional systems have withstood any major hackings thus far, those involved in protecting them must be vigilant and prepared. “It is a never-ending battle because we know that our adversaries are constantly—by the tens of thousands of times—trying to break through our firewalls,” Senate Sergeant at Arms Terrance Gainer said.

    The United States has great intelligence capabilities and should use that to over-prepare now for the cyber terrorism wars to come.

    West noted that America needs a national security roadmap—and that includes a separate map for online security, because it is a separate battlefield. We need “a lay down of the potential fault lines and adversaries we have to face and we match requirements to that.”

    Quick Hits:

    Posted in Ongoing Priorities [slideshow_deploy]

    32 Responses to Morning Bell: Time for America to Get Cyber-Serious

    1. George Colgrove, VA says:

      I worry about articles like this, because they cause unneccessary panic and are used to implement solutions too quickly and without neccessary planning and thought.

      Before going crazy, breaches are momentary. A simple reboot solves may issues. There has never been a nation wide hack and the likelyhood is small. Breaches have always been limited. The biggest breaches were human error or purposful acts. (Lost computer, hard drive or flash drive, leaks and the like)

      Getting serious means PREVENTION FIRST. We need to look at our infrastructure and find simple, cost effective and secure solutions to protect not only the federal government's data but also iTunes, banks and Lands Ends customer data.

      Today we use virtually one operating system. This is the biggest weakness of the global cyber security. Windows is notorious of needing practically hourly patches. Now, one could say it is the product, but I contend it is the number of people using the product. If 90%+ of the population on this planet uses Windows, it become beneficial for the hacker to invest their time in learning the weaknesses of the OS and profit from it. Linux on the other hand is fully customizable as the source code is open. A Bank or federal department can make access to sensitive data as unique to its own operation as they can. Data allowed for public consumption can be made available to the world via the common internet structure.

      Lockheed Martin gets a simple attack with no detectable problems and we start to panic – like usual. We become reactionary. We end up making knee-jerk decisions resulting in costing the taxpayers (born and unborn) upwards of 10 times the cost. This article reports two recent attacks, but just know, every enterprise has been under attack long before the movie “NET”. Go back to “War Games” and beyond. The problem is serious, but not crippling. Lets keep our heads screwed on and be reasonable about the solutions.

      Start by working at home (the far cheaper solution and most effective):

      Simplify the systems.

      Customize the system by providing unique access protocols for each enterprise/program/department

      Secure the systems using hardware keys, key cards and the like.

      Restrict access to far fewer people – if for anything to reduce human error.

      Unplug sensitive data from the net

      Go beyond security clearances by eliminating all potential avenues of leaks (if you work in a protected/restricted access environment – no personal phone –w/ cameras, no MP3 players radios and the like, no personal bags, purses, lunches, snacks, jewelry, watches, no internet access, no access o personal (non-gov) email, controlled access to phone (gov use only), no personal use of paper or the like (i.e. no removal of paper from the area), continual screening of government email checking for personal use, spam, and the like and so on.) This way regardless of the clearance, you eliminate ALL potential avenues of human breaches.

      Hire Hackers and learn from them.

      Lastly revisit the classification program (as suggested by the CIA). There is an over classification problem in the federal workforce and it is costing us in the 10’s of billions of dollars annually. Too many people with very little knowledge of the subject matter have access. Last year, the Washington Post was able to reasonably describe the national security apparatus simply by using FIOA documents and talking to hotheaded egotistical federal workers in bars. WHOA!

      Put the lion’s share of the federal workforce within a normal business environment with non-sensitive subject matter. All work must be done with declassified documents that if leaked would not cause a national security issue. Currently there are over 850,000 top-secret clearances and millions of secret. Clearances that cost upwards of $27,000 to process and maintain!

      Essentially make sure the federal government and its workforce is better organized so that attacks would be less fruitful. The results will be two fold. One, especially considering 57% of discretionary spending is unfunded, it would cost a lot less for operations, and secondly, it significantly reduces risks.

      After that, use very good monitoring software and hardware to see where people are peaking in. Whether it is a country or an individual, hacking will go on indefinitely. If we want to start causing internet wars or land wars over breaching security, we will be in a far more dangerous world, than what results from a breach.

      This need not cost a lot and need not cost lives or our civilization. Keep our heads on, think simple and cost effective. The easier the system is to implement and maintain, the more secure the system will be.

    2. Marnott says:

      The only way we can get an effective national policy on this issue is tell the president it it happens it will 1) ground air force one 2) stop green energy production efforts 3) hinder his re-election campaign or 4) make capitalism flourish. I think with those incentives he will get right on it as it would then infringe on his major passions as outlined above. We need some reverse psychology as nothing else is working.

    3. Ken Jarvis - Las Veg says:

      Finally!!!

      This is the FIRST Morning Bell

      since Obama Took office

      that HF has NOT blamed him for something.

      His Name is NOT in Morning Bell today.

      THINGS ARE GOING TO GET BETTER. THEY ALWAYS HAVE.

    4. Tom Holst, in Sonora says:

      I agree with this article on the hacking problem, but I've never understood why defense contractors and other organizations for which security is so important, aren't required to keep their sensitive information OFF of the worldwide web. If they need to transfer information within their own organization, then they should create their own hard-wired internal network with their own special security arrangements.

      That way, potential cyber hackers would not have access to this sensitive information. Do you know if this is being done or even seriously considered?

      Thank you for all you and the whole Heritage organization.

    5. ThomNJ says:

      I would not expect obamao to do anything about this at all, and he most certainly would not declare war on china or russia over a cyber attack – he might apologize, though……….

    6. Jeff McDonald, Santa says:

      It's high time we stopped educating our enemies in our Universities. We knowingly accept folks from Muslim countries and China, our two main enemies into our University systems and willingly give them the tools to partake in the everyday hacking into our most sensitive computer systems.

      I also agree with the Pentagon that a cyber attack by any country is an Act of War. Who leads the hit parade? The Chinese and the Pakastanis who regularly attack our apparently not-so-secure Defense, Intelligence computers, not even to mention the seemingly innocuous email servers in this country. Our email systems are VERY insecure and are used by the Defense Department and Intelligence systems, which are used to pass information about our newest Weapons Systems back and forth.

      Also, I was raised with the motto, "Loose Lips Sink Ships", as both my parents served in WWII. The White House, in order to keep the "bin Laden raid" in the news for political reasons (and I, for many reasons, do NOT believe he is dead!) and, in doing so, have compromised our Military with the massive Obama Administration leak machine. I believe that ALL the White House leaks, the Wiki-leaks operations and any Congressional releases of Secret and above should be investigated, the culprits apprehended (impeachment for Obama and Biden, who, if convicted could face charges) should be charged with Sedition and even Treason. This Administration is even lying about the Southern Border, and are trying to give amnesty to the illegals, 60% of whom are terrorists, who have training camps within our borders and inside Mexico, camps they know about and won't use the Unconstitutional and recently expanded Patriot Act to chase Americans who disagree with policies set by the Obamatrons in the White House. He has 41 czars, none of whom could pass Congressional scrutiny.

      All these leaks are reprehensible, as they give comfort and aid to our enemies. The White House has declared war on American citizens and continues to massage our enemies, trying to win their favor. It ALL has to stop, and stop NOW!

    7. jerry betts, Garland says:

      Robert D. Kaplan wrote a book several years ago entitled The Coming Anarchy; terrorism in all of its manifestations seems to be the portent of just that: individuals and groups of non-state actors engaging in acts of war. We have a new challenge, it seems, and the Arabs are just the tip of the iceburg.

      We will need all the help we can get, but the odds, it seems, are lengthening.

    8. jerry schneider, sal says:

      If you are serious about our deficiences regarding CyberWar, read the book by that title by Richard Clarke – far better content that Congressman West ever contemplated.

    9. Don Vander Jagt, Gra says:

      The only thing D.C. is seriously doing is destroying this Country !!!!!

      GET THE BROOM!

    10. Victor Barney, LeHig says:

      I'm looking for the government intervening and then they will be able to get complete control of the Internet, if they don't have that already?

    11. Elna says:

      While cyber attacks are serious and we need to do all we can to prevent them, the government will no doubt use this as an excuse to stop American citizens from using the Internet as we do now. I can see the government restricting use of the free Internet by American citizens and monitoring what we do when on the Internet. All this would be done ( and probably IS already being done ) under the guise of "protecting America from terrorists"

      Each entity needs to prevent cyber attacks by installing their own personal anti-hacking devices – American citizens will do the same.

    12. KC - New Mexico says:

      OMG – and HF would expect the current inadequate leadership in Washington (both sides) to address and solve this issue! The current leadership (and past leadership) has not been able to solve the boarder issues, economic issues, and overall crumbling infrastructure issues. We need change driven by real Americans that care! It is time to get rid of the professional politician and bring in some common sense business leaders to run this country!

    13. Dr. Henry D. Sinopol says:

      Don't forget to tell Obama about this so he can blame George Bush…

    14. Frank, Florida says:

      Although new in Congress, Allen west seems a cut above the rest already. Yes, "…America needs a national security roadmap—and that includes a separate map for online security, because it is a separate battlefield." But we also need to guard our online privacy rights somehow. I do not believe the government should get unlimited access to all our e-mails without probable cause & without a judge issuing a warrant. If a cyber attack is underway, there should be means to track the source of that attack & to block the attack. We should probably have a U.S. Cyberforce, but with Constitutional limits.

    15. llaurie hawaii says:

      We must listen to Allen West….to survive….., Mr. President, what do yo want your legacy to be…….The fall of America? The greatest men in the world are the ones that learn from the knowledge of other wise men. Take note, Mr. President!!!

    16. Dave, New York says:

      I am not making a partisan political statement.

      But, if Representative Weiner did actually have his computer hacked, as he claims, then this is a matter of national security. Mr. Weiner should have NO SAY on whether the FBI etc can investigate this crime. I assume some or most of his comuter equipment belongs to the US House or, has such a sufficient nexus to use in House business that Mr. Weiner would have to surrender it to the FBI so any hacking can be investigated.

      Mr. Weiner's personal files can be protected by a court order where the investigating agency would be prohibited from disclosing any personal information.

      But, to just have Mr. Weiner claim that his computer was "hacked" without any investigation is simply incredible in this age.

    17. Van Peski, Deming, N says:

      Lt. Col. West is right on. This is a serious and dangerous activity. I listened to Secretary of State Clinton commenting on this issue, which brought forth memories of her and her white house security chief, Craig Livingstone's involvement in File-Gate, ( 1996 ). Just as worrisome was the top secret CIA reports given to the Clinton's supporter John Huang, probably still reporting to the military attache in Jinan Province. Actually, she and others like her still in office scares me worse than the Chinese or Russians do.

    18. Blair Franconia, NH says:

      If China can break into Google, Lockheed Martin, and the Pentagon, so can al-

      Qaeda. Why can't our military and political "leaders" recognize this? In the '80s spy

      drama Scarecrow and Mrs. King, they recognized it and that was back when only BILLIONS of dollars were transferred via computer.

    19. Ben C., Ann Arbor, M says:

      An even more sinister methodology by the Chinese is the infiltration of engineering students into our universities to learn and take back to China our military technology. This is real and is happening today. There are whistle blowers that have first hand knowledge of this but have been largely ignored by “the authorities.” At some point Congress will wake up and there will be a flurry of activity. I just pray it’s not too late.

    20. Chad Labno, Miami, F says:

      "Case in point: Defense contractor Lockheed Martin publicized last weekend that it was the target of a major cyber attack. It reported no significant intelligence lost, but the case serves to remind us of the potential vulnerability of critical defense data."

      The question that needs to be asked is, why is "…critical defense data."

      on the Internet?

    21. Leon Lundquist, Dura says:

      I worked at Lockheed Martin, the Rocket Plant at Waterton. The really sensitive stuff was held 'off the Internet,' in completely separate rooms with no access to anybody. If you read George Colgrove's fine Blog. And if you look at what George was saying, Sec. Hillary Clinton did every wrong thing saying "we need better, easier information sharing" as if Everybody Should Have Our Secrets! So what happened? A Private got ahold of her 'work' and Wiki Leaks was the result! I think Sec. Clinton should be held Criminally Culpable in the Wiki Leaks fiasco! She practically gave our Secrets away! Yeah! Some 'improvement!'

      I am sick of these Traitors! (Clinton was a self described 'Wilsonian Progressive' and that's where Propaganda came from.) Talk about your leaky White House, the Progressives in the CIA do it in the dark. They protect each other, even work against the Public Officials they are sworn to protect! So now, with Libya and the Arab Spring, you would think some of these Traitors would be caught! Well! The fact they are not caught is very disturbing indeed!

      What? We can't even trust the House Republicans? No, my friends. Somebody somewhere has to be IMPEACHED! Else, we have no Government Oversight! The Damages are there.

    22. Renny, Maryland says:

      How can the big "O" take care of this situation when he is running for persident, spending our money? He has to carefully allot his time to HIM!!!!!!

    23. J.L. Tharp says:

      With firm reliance on Divine Providence we pledge our Lives, Our Fortunes, and Our Sacred Computers? Modern warfare demands secure communications and I submit that the lessons learned during WWII may even today provide insights into creative ways to accomplish secure coms. Creativity is a hallmark of American achievement, but never neglect the force of Divine Providence. The forefathers provided the ultimate blueprint when war is the final solution.

    24. MN J says:

      A few years ago, I attended a seminar where a CIO (Chief Info Officer) from one of our military academies. Net, they have learned so much about cyber attacks b/c they have discovered that their soldiers always have their pcs attacked when they are overseas. They have developed superb security practices and procedures.

      Do you think Congress and/or the Dems will consider talking to these pros? Nah, I don't think so.

      However, we MUST address this.

    25. Pingback: Estados Unidos debe ponerse ciberserio ya | Heritage Libertad

    26. cecelia says:

      The internet is such a rich source of information, since the wiki leaks incident last year and the almost daily reports from various outlets being compromised at varying levels I was concerned about commentary, never before have we enjoyed so many platforms for discussion and exploration of both positive and negative opinion.Only with the recent revelations from social media did I truly become more than alarmed since the bulk of my communications information is obtained this way. How would this affect future communications especially in the realm of our elected officials and dissemination of information and for the first time I was afraid not for myself, but afraid that honest communication would cease between the "the people" and the" we" since representatives may be vulnerable via this medium. When it was revealed to be of a different nature unrelated to cyber criminals I was no less relieved but deeply saddened that what most people take for granted, the trust we place and where we place it. My trust remains in the things and people I follow online and off and I am comforted by the thought " trust but verify" knowing full well the measure of the two.

    27. 2dokie says:

      It is ridiculous to think that the present govt. is competent to even approach this problem. All the wrong people are in the right places to even recognise this is a problem. After all this is an excellent disaster but there's noone competent to take advantage of it… that is what this sort of thing is for isn't it??!! Leadership, true leadership, anticipates problems like this and solve them BEFORE they occur. We haven't had real leadership since Pelosi and Reid gained their positions of complete " transparency".

    28. HawkWatcher, Mi. says:

      Click all the links in this article, they lead to "security" enlightenment.

      Only the weakly defended networks or servers get hacked. The vast majority of systems do not get hacked, not for lack of hackers efforts; they are simply more secure, more encrypted. Critical defense data should be offline or intranet only.

      Why is the government so lame? All the security methods that are shown to work are out there waiting to be used, many laid-off IT techs are ready to aid their country in implementing modern security, yet the hackers keep hacking while the spenders keep spending on anything but defense.

      Back in the nineties, my curious son and I (carefully and securely) used the web to learn hacking, and it looks like the online bad-boy schools are still in session today. "Acts of war" is a misnomer in most hacking cases.

    29. Jill, California says:

      When our government gets serious about protecting innocent Americans from identity theft, phishing, unwanted spam advertising everything from organ enlargement to Viagra, and any number of other offensive or criminal acts, we'll know the government is committed to … and capable of … protecting our country from more serious cyber attacks.

    30. michael j mudrak car says:

      When a problem exists that is to big to handle turn to God and he will handle it. For it

      is written come to me and be safe all the ends of the earth for their is no just and saving

      GOD

      but me.

    31. gary sheldon AZ says:

      Could Tony Wiener be considered a cyber terrorist or will Pelousi rubber stamp this behavior as a hard as concrete evidence of the validity of the PETER PRINCIPLE and Wiener can stay in the House as he is at least as qualified as Barney Frank and Clinton and all other Marxists who have shown themselves to be morally self-righteous and loving of our children to the point of infanticide ?Does the heart good to know we have such people with a true north moral compass. My grandchildren have nothing to fear with legislators such as these.

      "Planned Parenthood, the Dept. of Eduction, the EPA etc. will do a fine job of supplanting God in this nation. This is the part of the "fundaMENTAL" changes Obama campained for in 2008. What a success !!! Yahooooo!!!!

    32. WOW that is a pretty good prediction on the Rangers vs Caps, Philly in 6 or (7), great with SJ, not bad with Detroit,off with the Habs.I was pretty shocked about the Ducks and the? Canucks going to 7 vs the Hawks.

    Comments are subject to approval and moderation. We remind everyone that The Heritage Foundation promotes a civil society where ideas and debate flourish. Please be respectful of each other and the subjects of any criticism. While we may not always agree on policy, we should all agree that being appropriately informed is everyone's intention visiting this site. Profanity, lewdness, personal attacks, and other forms of incivility will not be tolerated. Please keep your thoughts brief and avoid ALL CAPS. While we respect your first amendment rights, we are obligated to our readers to maintain these standards. Thanks for joining the conversation.

    Big Government Is NOT the Answer

    Your tax dollars are being spent on programs that we really don't need.

    I Agree I Disagree ×

    Get Heritage In Your Inbox — FREE!

    Heritage Foundation e-mails keep you updated on the ongoing policy battles in Washington and around the country.

    ×