Slashdot Mirror

← Back to Stories (view on slashdot.org)

US's Greatest Vulnerability is Ignoring the Cyber Threats From Our Adversaries, Foreign Policy Expert Says (cnbc.com)

Posted by msmash on from the tough-discussions dept.

America's greatest vulnerability is its continued inability to acknowledge the extent of its adversaries' capabilities when it comes to cyber threats, says Ian Bremmer, founder and president of leading political risk firm Eurasia Group. From a report: Speaking to CNBC from the Munich Security Conference on Saturday, the prominent American political scientist emphasized that there should be much more government-level concern and urgency over cyber risk. The adversarial states in question are what U.S. intelligence agencies call the "big four": Russia, China, North Korea, and Iran. "We're vulnerable because we continue to underestimate the capabilities in those countries. WannaCry, from North Korea -- no one in the U.S. cybersecurity services believed the North Koreans could actually do that," Bremmer described, naming the ransomware virus that crippled more than 200,000 computer systems across 150 countries in May of 2017.

Borge Brende, president of the World Economic Forum, weighed in, stressing the economic cost of cyber crimes. "It is very hard to attribute cyberattacks to different actors or countries, but the cost is just unbelievable. Annually more than a thousand billion U.S. dollars are lost for companies or countries due to these attacks and our economy is more and more based on internet and data."

11 of 102 comments (clear)

  1. Well, possibly, just possibly by Anonymous Coward · · Score: 5, Insightful

    If we would acknowledge that the problem exists, rather than deny it because it somehow diminishes the ego of the current occupant of the Oval Office, we could start to do something about it.

  2. Goose, meet Gander by Archtech · · Score: 4, Insightful

    Stuxnet - I bet the Iranians never believed the USA could do THAT. A real act of war if ever there was one.

    It will be interesting to watch how the US government goes about preventing all "foreign" interference by way of the Internet and the Web without completely cutting the USA off from the rest of the world.

    --
    I am sure that there are many other solipsists out there.
  3. The problem is of our own making by Anonymous Coward · · Score: 5, Insightful

    Instead of the NSA working with privacy industry to fix exploits, it sits on them and weaponizes them. It means other parties who find the same can also exploit them against us. It makes all our security weak.

    Then we insist on putting industrial and military systems on the internet when smarter countries are moving the other way, sometimes even using paper records to make the data more difficult to steal. Not that paper data can't be stolen but it is harder to get a lot at once and it requires old fashioned spy methods.

    'Then we have legions after legions of technically clueless managers who ignore the advice of security experts for "convenience".

    So if we have cyber security probs those are probs we made for ourselves and we deserve to face the consequences.

  4. Seriously? by Anonymous Coward · · Score: 2, Informative

    We're vulnerable because we continue to underestimate the capabilities in those countries. WannaCry, from North Korea -- no one in the U.S. cybersecurity services believed the North Koreans could actually do that

    WannaCry famously used exploit code developed by NSA. It demonstrates an almost sociopathic lack of self-awareness to turn around and blame threats caused by the unnecessarily agressive weaponisation of the internet by US state actors on those same actors underestimation of the threat posed by others.

  5. Biggest Cyberthreat by StormReaver · · Score: 3, Insightful

    Our biggest cyberthreat is Windows. Until that thread is neutralized, we will continue to be unnecessarily vulnerable.

  6. Re:Shut the fuck up by MightyMartian · · Score: 3, Funny

    Thanks for that Ivan. How's the weather in St. Petersburg?

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.
  7. Re:FP "experts" have no skin in the game by Anonymous Coward · · Score: 3, Informative

    Snappy!

    Pity it just sounds good. That's nothing more than some philosophical bubble gum to make you feel better about your contrarian bullshit.

    There's a problem with the internet and it's eating your country alive.

  8. Ignorance by XSportSeeker · · Score: 2, Insightful

    The problem lies on a way more fundamental level...
    For instance, how much Equifax had to pay for leaking a whole ton of sensitive data? It was obviously less than enough.
    How much other companies who leaked medical data, credit card data, governmental data, electors data, had to pay for weak security?
    Not enough.
    US is it's own cyber threat, it doesn't need to label other ships as the enemy, it's sinking by itself.
    What's the response around security from US politicians? Let's use fearmongering against smartphone companies without any proof and bar them from the US market without any proof of doing anything wrong, because we think the chinese government might exploit connections to spy on us. It applies because we'd certainly do the same in their position.

    We don't punish incompetence, we put in question the competence of others, and we accuse others of the unethical behaviour that we practice and deserve to be called for. US gets exactly what it deserves. Leaders who thinks they own the place and keep pushing others away while making unreasonable demands all the time eventually gets overthrown. Those who still didn't get this will be forced to given time.

  9. Bullshit: It's "smart phones" by DogDude · · Score: 3, Insightful

    Windows isn't the biggest threat. I know plenty of people who don't even have a computer any more. Besides, Windows can be locked down.

    Phones, on the other hand, are always-on cameras and microphones that cannot be locked down in any way. Phones alsoallow for 100% harvesting of all email, text messages, and phone calls sent through them.

    We'd be in good shape, as a country, if Windows really was the greatest "cyberthreat".

    --
    I don't respond to AC's.
  10. Deny/deflect/trivialize by marcle · · Score: 2

    Interesting to see so many comrades on the job right away. Slashdot must be closely monitored.

  11. The data very much indicates the opposite by raymorris · · Score: 2

    Our company provides security services for many fairly large companies. Rackspace, for example, is one of our many customers. You can imagine how much data flows through our IDS every day. We have millions of security events logged.

    Attacks can be broadly classified into two groups - bulk, unsophisticated attacks, and targeted, more sophisticated attacks.

    The largest VOLUME of attacks come from Eastern Europe and Russia, places where local law enforcement isn't all that concerned about hackers targeting the US, and there are computer geeks capable of attacks. That's a lot of countries, though - the single country with the greatest number of attacks is China.

    The most sophisticated attacks come from China.

    I have phone numbers of FBI agents at the Cyber Division who want to hear about any significant attacks originating in the US. If a domestic attacker targets a specific organization or group of organizations, the FBI can send a Cyber Action Team to the targeted facility within 24-48 hours. The CAT performs the initial forensics, making sure evidence isn't lost, assesses the threat, and can call on other experts as needed. The Cyber Action Team is the first step in series of events that involves the Computer Fraud and Abuse Act. The US is not a the place to be if you're a black hat hacker. If you're going to try to hack US computers in a significant way, you REALLY want to be somewhere the FBI won't go to visit you.