The decision by the US military to ban the use of all flash drives, CDs or other mobile devices to fight a virus that has already infected thousands of government computers is yet another illustration of the cyber challenge confronting America.
The Agent virus, a variant of the SillyFDC worm, infects networks and then automatically goes out to the Web to download various tools that can search for data or destroy hard drives. The ban, which took effect last week and will last indefinitely, will present serious problems for the US military which relies on mobile storage devices to manage their data.
However, there are much deeper issues at stake than managing the comparatively simple challenge of a single virus. Since the information revolution began the US government has always been playing catch up to other countries and organized crime gangs that see America as the fattest and richest target in cyberspace.
The National Security Agency, which is responsible for cyberspace security and intelligence, currently estimates that around 120 countries and dozens, perhaps hundreds, of criminal gangs attack US targets every day. What this means is that there are more than three million attacks every day against US government networks.
The current source of many of these attacks is China which began a wholesale assault on governments and business around the world a decade ago. The scale of the Chinese attacks has astonished Western intelligence and has so far proved impossible to stop or even interrupt. The result has been the wholesale theft of billions of dollars of technology advances, research and development advances and the comprehensive penetration of business and government networks.
For example, in June last year the Chinese hacked into the computer network of Bob Gate, the US Defense Secretary. In December last year, Jonathan Evans, the Director General of MI5 wrote to the top 300 British companies, including Shell and Rolls Royce, to warn them that they were the target of economic espionage attacks from China.
The response by different governments to this cyber challenge has been shambolic with a notable lack of a coherent strategy. That in turn has fed the growth of organized crime on the web because it is seen as a crime with almost no likelihood of punishment. In the Web underground today it is possible to buy almost any type of cyber attack service from bespoke viruses to cyber mercenaries who will hack and steal to order.
In response President Bush announced a new cyber initiative earlier this year that will have a budget of around $6billion a year over the next five years. However, America still has no cyber strategy that makes sense and there are continuing turf battles between different agencies over who should do what. The result has been the kind of chaos that has played into the hands of the cyber attackers. Ten years on in the cyber war with China, America is no further forward.
The Obama administration is planning to appoint cyber czar who will provide the kind of tough leadership that can force the defence and intelligence bureaucrats to work together. However, this has been tried before by both Bill Clinton and George Bush and failed because there was a lack of political will to enforce the rhetoric. At the same time, both Congress and the intelligence community used the convenient curtain of secrecy to hide their abject and consistent failure to attack the problem successfully. It remains to be seen whether Obama is willing to attack the institutional incompetence head on.
Comments