Cyber attacks grow increasingly "reckless", official says

NEW YORK Fri Sep 7, 2012 6:39pm EDT

Backlit keyboard is reflected in screen of Apple Macbook Pro notebook computer in Warsaw February 6, 2012. REUTERS/Kacper Pempel

Backlit keyboard is reflected in screen of Apple Macbook Pro notebook computer in Warsaw February 6, 2012.

Credit: Reuters/Kacper Pempel

NEW YORK (Reuters) - Other nations are increasingly employing cyber attacks without "any sense of restraint," a top U.S. cybersecurity official said on Friday, citing "reckless" behaviors that neither the United States nor the Soviet Union would have dared at the height of Cold War tensions.

Debora Plunkett, of the secretive National Security Agency, whose responsibilities include protecting U.S. government computer networks, predicted that Congress would pass long-stalled cybersecurity legislation within the next year.

Lawmakers failed this summer to overcome disputes over cybersecurity regulations for private firms such as utilities.

Plunkett, head of the NSA's Information Assurance Directorate, the agency's cyber-defense arm, told a university audience that "we're starting to see nation-state resources and expertise employed in what we would characterize as reckless and disruptive, destructive behaviors."

Even during the Cold War, blocs of nations allied with the United States or with the Soviet Union worked to undermine each other, but still operated with a sense of restraint, she said.

"Some of today's national cyber actors don't seem to be bound by any sense of restraint," she told a forum at the Polytechnic Institute of New York University.

Officials from the Obama administration and Congress have called for stronger cyber security, accusing China and Russia of hacking U.S. computer networks for economic gain, espionage and other motives.

U.S. standing to complain about other nations' cyber attacks has been undermined, however, by disclosures that Washington, along with Israel, launched sophisticated offensive cyber operations of its own against Iran to try to slow that nation's suspected quest for a nuclear weapon.

U.S. officials have not publicly acknowledged that effort and almost never speak of U.S. offensive capabilities in public.

When asked how large a threat hacking from China, Russia and other countries posed to the United States, Plunkett said: "Significant. I don't know how else to describe it."

SHARP INCREASE SEEN IN ATTACKS

Plunkett's comments from the normally tight-lipped NSA reflect a growing concern among U.S. officials, lawmakers and agency heads about the country's cyber security.

Security software maker Symantec Corp said on Friday that a hacker group that attacked Google Inc in 2009 - an operation later dubbed Operation Aurora - had since launched hundreds of other cyber assaults, focusing on defense companies and human rights groups.

Cybersecurity experts widely believe the Google attacks originated from China. Chinese officials have denied their country is a source of cyber attacks against the United States

Symantec said the group had used a technique that enabled attackers to hack into highly secured systems. That suggested the hackers were either a large criminal group, backed by a nation-state, or a nation-state itself, Symantec said.

In July, General Keith Alexander, head of the NSA, said during an interview at the Aspen Security Forum in Colorado, that the number of computer attacks from hackers, criminal gangs and foreign nations on American infrastructure had increased 17-fold from 2009 to 2011.

"The trend exists and we have to be prepared for it and think that it will only get worse because I believe that it will," Plunkett said.

U.S. lawmakers in August stalled cyber legislation that would enable companies and the government to share information about hacking and create a set of voluntary cybersecurity standards for companies in charge of critical infrastructure like energy, water and transportation.

With the Nov 6 congressional and presidential elections looming, observers say cyber security will be overshadowed by issues like taxes and spending.

"I am thrilled that the conversation is happening. Am I disappointed that we're not there? Sure ... I predict we're going to have legislation. It will happen ... and I'm also pretty convinced that one year after it happens, we'll think it's not enough," Plunkett said.

(Editing by Warren Strobel and Peter Cooney)

FILED UNDER:
We welcome comments that advance the story through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can flag it to our editors by using the report abuse links. Views expressed in the comments do not represent those of Reuters. For more information on our comment policy, see http://blogs.reuters.com/fulldisclosure/2010/09/27/toward-a-more-thoughtful-conversation-on-stories/
Comments (8)
usagadfly wrote:
The US Government has a problem with other countries using “backdoors” placed in US computer systems for the US Government agency use.

Who intends Americans more harm? Our own Government or foreigners? This is the kind of “defense” we have had for too long.

Sep 07, 2012 8:57pm EDT  --  Report as abuse
amibovvered wrote:
Just making sure Congress delivers on the expected funding for this particular boondoggle. That’s what the fuss is all about.

Sep 07, 2012 10:24pm EDT  --  Report as abuse
UauS wrote:
Mr. “Kaspersky graduated from the Institute of Cryptography, Telecommunications and Computer Science, an institute co-sponsored by the Russian Ministry of Defence and the KGB[1] in 1987.”
From Wikipedia, the free encyclopedia

Sep 08, 2012 1:36am EDT  --  Report as abuse
This discussion is now closed. We welcome comments on our articles for a limited period after their publication.