For those of us working in the network security business, we're well aware of the threat posed by targeted threats, but it's a subject that's just gaining traction in Congress and the threat posed to US businesses and critical infrastructure is only partially understood.
This month Robert Muller testified in front of the United States Senate at the Worldwide Threat hearings. Along with National Intelligence Director, James Clapper, CIA Director, Leon Panetta, and other intelligence czars, the agency leaders outlined the targeted threats posed by state sponsored cyber espionage and cyber attacks. Not surprisingly, China was identified as the leading state sponsor of cyber attacks, with the recent Sykipot Trojan, being a recent example.
Muller readily admitted that the way in which cybercrime is addressed needs to change because threats are emerging so quickly and in so many different forms, that attempting to create new technology-based responses to them will be impossible. The focus should not be trying to isolate networks but on how to make them resilient.
It's a busy session in Congress for cybersecurity-related topics. The House Communications Subcommittee is also meeting to discuss the role of ISP cable operators, and telcos in detecting malware and mitigating the impact of cybersecurity attacks. Meanwhile, legislation introduced into the Senate enables the US government to provide aid to countries of "cyber concern". In a move that is reminiscent of many US overseas aid programs to counter ideological or physical threats to US security, countries at risk of cultivating, hosting, or abetting cyber attackers will now be eligible to receive additional aid grants.
Look for more in-depth coverage on these issues in the coming weeks from Mandiant's General Counsel and VP of Legal Affairs, Shane McGee.