Every morning, 50% of Americans reach for a mobile telephone as they prepare for their day. It’s likely that some of you are reading this blog post from your mobile phone. 25% of Americans login to their email account at least once a day. We use the Internet to stay in touch with friends and family, close an important deal at work, upload a photo from a recent vacation, or even stream your favorite movie or music. As the proportion of our daily activity being conducted in ‘Cyber Space’ increases, too few ask themselves: “Am I at risk?” The commander of U.S. Cyber Command and director of the National Security Agency, General Keith Alexander, asks himself this question on behalf of the American People. General Alexander spoke at the American Enterprise Institute on Monday, July 9th to discuss Cyber Security and what we need to do as a country to protect ourselves. General Alexander made a point to highlight how cyber-related incidents could easily move “from disruptive to destructive attacks”. Below you can see some interesting and somewhat scary statistics that he discussed to support how this threat could be quickly approaching.
Interesting
· In the U.S. there are currently 165,000,000 Active Cell phone Users
Image courtesy Flicker user hackNY
· In the last year 461 different types of mobile devices were sold.
· 500,000 Apps available in the Apple App Store
· 280,000 Apps available in the Android Market
· By 2016 there will be 7,300,000,000 Billion People on Earth
· By 2016 there will be 10,000,000,000 Mobile Devices on Earth
· 360,000,000 Internet users globally in 2000
· 2,300,000,000 Internet users globally in 2012
· In 2011, 107,000,000,000,000 emails were sent
· Facebook will have over 1,000,000,000 users by the end of August 2012
· The U.S. houses 43% of the world’s most popular websites
· 24% of all websites have Facebook integrated
Scary
· There are 75,000,000 different pieces of Malware
· Every day 89,500,000,000 (Nearly 33% of all email) messages are sent from some sort of ‘Bot’
· 2011 saw a 44% rise in Cyber attacks
· 2011 saw a 60% increase in the use of Malware
· In 2009 there were 9 attacks on U.S. Critical Infrastructure
· In 2011 there were over 160 attacks on U.S. Critical Infrastructure
· From Jan 2011 to June 2011, 19,000 malicious URLs appeared each day
· In 2011 the following corporations (to name a few) were hacked:
-U.S. Chamber of Commerce -Mitsubishi
-Google -AT&T;
-Booz Allen Hamilton -Visa (Twice)
-Symantec -Mastercard
-Sony -Stratfor
-Adidas -Nissan
The technology of the last decade has increased tremendously our ability to communicate, coordinate and entertain. With that comes more and more personal, commercial, classified, and critically, financial information transmitted through Cyberspace. General Alexander went on to explain that, typically, only 1% of victims realize they were hacked. Annually, $114,000,000,000 is stolen via Global Cyber Crime. This figure jumps to $388,000,000,000 as a result of the ‘down time’ of services caused by these nefarious events. Alexander referred to this as, “The greatest transfer of wealth in history”.
$388 Billion is undeniably a massive amount of money. However, it is a big jump to say that we are completely engaged in a ‘Cyber War’. While attacks on U.S. Critical Infrastructure are on the rise, many of the current threats and concerns are related to Cyber Espionage, Cyber Crime and Political and Military Espionage that target American citizens, companies and financial systems. In addition to these types of theft, the final type of risk to address is the ‘destructive attack’ referenced above. This type of attack disrupts not only communications capabilities, but physically destroys equipment. “If the BIOS or some other portion of the firmware were destroyed, your system would have to be replaced to work again”, Alexander went on to discuss. While Government users and employees are the likely targets for such attacks, the millions of Americans utilizing mobile devices every day are a major concern as well.
With so many Cyber Security concerns existing in our day to day lives, we MUST strive to protect ourselves. General Alexander discussed 5 key areas that provide the framework for a initial security strategy from the Defense Department perspective:
Commander of U.S. Cyber Command and director of the National Security Agency, General Keith Alexander
1. Build a Defensive Architecture – Go to ‘The Cloud’ environment.
· Thin, virtual IT Infrastructure which is much more defensible than what we use today
· Increase threat awareness to identify, analyze and update patches to mitigate vulnerabilities at Network Speed
2. Train a capable Cyberforce
· Identify the training standards that must be in place for the Military, Government, and Civilians to protect the country in Cyberspace
· Ally with dozens of universities currently working on Cyber security and Information Assurance
3. Define Cyberspace
· How do we see Cyberspace?
· How do we share information between Government Departments? Between the Government and Industry?
· Share that information while keeping Americans’ privacy and civil liberties intact.
4. Get Everyone Talking Together
· Department of Defense and Global Combatant Commands, Intelligence Community, Department of Homeland Security, FBI need to cooperate
· Define command and control and leverage the best practices of each organization
5. Cyber Legislation
· Craft the policies, rules and standards on how to proceed smartly and safely
· CYBERCOM and NSA share knowledge of threats with key nodes throughout U.S. Cyberspace
· Educate Americans about Information Sharing
Many Americans fear that the counter measures against Cyber Security threats will infringe on their privacy and civil Liberties. General Alexander voiced his understanding for this concern throughout his talk. Educating Americans on how and why we protect ourselves against such threats are the keys to calming these worries. Experts identify nefarious activity by examining data in hexadecimal formats; they look for signatures that target ports and other network-internal components. Such analytic methods DO NOT require reading private communications. Knowledge management is another concept that CYBERCOM utilizes heavily to maintain accountability of all entities involved in security. General Alexander enforced this thought by stating, “The great thing about Cyber is that everything we do, we can audit with great reliability”.
Americans are living more of their lives online than ever before. Our mobile devices and Internet equipped platforms represent an incredible technology at our fingertips – most users would be hard pressed to give up these tools. Unfortunately, certain individuals and organizations are bent on using this technology for malicious purposes. Cyber Attacks are carried out to steal money, identities, and sensitive information or to create chaos and instability in the real world. Since these vital tools are here to stay, the United States has a responsibility to ensure that Internet-based technology is safe and secure. After all, the seeds of the Internet were planted many decades ago by a US Department of Defense agency known as DARPA – the Defense Advanced Research Projects Agency. “If you think about it, we’re the country that made much of this technology, and we outta be the first ones to secure it,” urged General Alexander.