22 June 2016

*** Who Are the Biggest Threats in Cyberspace?

June 20, 2016

U.S. Cyber Command Chief on What Threats to Fear the Most

Over the past few years, cyberattacks on businesses have led to huge losses and diminished consumer confidence. But cyberattacks are also happening on the national scale as the internet becomes another arena for global conflict. 

To get a picture of this emerging battlefield, The Wall Street Journal’s Rebecca Blumenstein spoke with Lt. Gen. James K. “Kevin” McLaughlin, deputy commander of the U.S. Cyber Command. 

Here are edited excerpts of the conversation. 

Cyberwar on terror MS. BLUMENSTEIN: If we’re fighting ISIS on the ground in Syria, how surprised are you now at their capabilities, their cybercapabilities? Are you needing to invest a lot of money to keep up with them? Can you give us a sense of how important this is on the ground right now? 

LT. GEN. MCLAUGHLIN: ISIL’s a very dangerous foe. All you have to do is read the paper over the last six or eight months. You can see the threat they pose to the United States as well as our allies.

On the cyber side, they have lots of aspirations to be a cyberactor. And this is an area you can buy and create capabilities. So we do pay attention to it.

But I would say, on the cyberthreat today, the most dangerous thing we see is them trying to steal the personal information of our military members and then publishing that and trying to generate some potential threat against military people who might post things on social media or other places.

I never discount any adversary and their ability to do something dangerous to us. But today, on the cyber side, they’re a lower threat than other actors.
MS. BLUMENSTEIN: How about the Russians and the Chinese? 


LT. GEN. MCLAUGHLIN: There are several large countries, like Russia and China, that are very, very capable cyber actors. We look at them seriously. You talked a little bit earlier about theft of intellectual property, which has been going on for a long time. The threat of them stealing the data on our employees is also something that’s important.

But the types of threats that we worry most about today that are new are adversaries taking full control of our networks, losing control of our networks, having a hacker appear to be a trusted user.

On the military side, you can imagine the difficulty that would cause a commander, if he didn’t trust his own network or his data.

But then the Sony SNE 0.29 % incidents of last year show you [the threat of] destructive cyberattacks. A keystroke, and thousands of computers, they’re broken. They no longer function. So we watch those adversaries very closely to make sure we know what they’re doing in cyberspace.

Public and private MS. BLUMENSTEIN: One sticking point between government and business has been how much government and business should work together. There has been a certain level of mistrust. And companies haven’t been quite sure how much information they should share with one another. What would your advice be to companies? 
LT. GEN. MCLAUGHLIN: I think we are doing better, on the government side, of being able to take threat data and share it. I think that’s happening more and more, even classified data being declassified and then being put in a way that we can share it with critical industry segments.

But there’s really not a two-way flow of information today, for some of the reasons that you mentioned. So the real question is, from a U.S. perspective, what’s the beneficial relationship [we can form with business] so that we can defend ourselves and that you can take advantage of what we bring to bear from the government side?

We can take advantage of your expertise. Often, you may be the first place where some threat is seen that we haven’t seen from our sensors or from our infrastructure. The earlier we know about that, and the earlier other parts of the broader private industry team knows it, the faster everybody can defend against it. But if it was easy to do, we’d already have all that in place. 

MS. BLUMENSTEIN: You mentioned Sony and the North Koreans. What can you tell us about what went right in that example and what went wrong? 

LT. GEN. MCLAUGHLIN: You notice that the president attributed that to the North Koreans. It’s pretty rare that that kind of strong attribution is able to be done.


LT. GEN. JAMES K. “KEVIN” McLAUGHLIN | ’We are doing better, on the government side, of being able to take threat data and share it.’ Illustration: Ralph Alswang/Dow Jones I think the sharing of information for what was known in the government with the parties involved, worked really well.

I think the fact that all of us on the government side were sharing information, it allowed the leadership of the nation to make some rapid decisions on how they wanted to respond to it.
But to me, it was just an example, even though [U.S. Cyber Command wasn’t] playing a direct role, it was an example of watching the broader team function.

As things like this happen in the future, where we might have a role, we learned a lot from how the military and cyber community participate rapidly with our interagency partners.

The cost of attacks MS. BLUMENSTEIN: Extraordinary investments are required now for cybersecurity. But looked at another way, there’s an extraordinary cost to getting it wrong. 

I was talking to one of the CFOs out there who said, “Can you ask, what is the estimated loss?” Is there a total number? Or do you just know specific incidences? 

LT. GEN. MCLAUGHLIN: I don’t know a dollar figure. Within some industry segments, they might be able to put a dollar figure on that.

What I think about is the broader national-security loss. For example, if large amounts of our intellectual property that make up the core technologies of our military forces, if we spent decades and billions of dollars or trillions of dollars over a long period to develop that, and an adversary can just steal it and immediately be at that same level that we are and not have to invest their time. From a security perspective, that’s a strategic loss for the nation.

So if they can steal that information and, perhaps, hold us at risk, because we might be attacked in cyber using some vulnerability that was discovered because of [the intellectual-property theft], I quantify it in terms of broader risk to the country.
I can’t put a dollar cost on it. But the risks are significant.

No comments: