Government Technology

Why So Quiet on the Cyberthreat?



February 13, 2013 By

Cyberattacks continue to rise and more, albeit not enough, attention is being given to the threats posed by cyberattackers. The United States is vulnerable in many ways, including the energy grid, which comprises 160,000 miles of high-voltage lines, millions of miles of distribution lines and thousands of generators and transformers. Experts say it would be difficult to harden such a structure against a deliberate attack and that power could be lost for weeks or even months, causing regional chaos for which we aren’t prepared. We interviewed Jarno Limnell, cybersecurity director for Stonesoft Corp., about the threats facing the U.S. and the world and what can be done about them.

Limnell’s background and education in Helsinki, Finland, including working as a lecturer of strategy at the Department of Strategic and Defence Studies at National Defence University, cements his resumé as a spokesperson on cybersecurity issues

Question: Why has cybersecurity not been given more attention?


Answer: That is an excellent question because I have been traveling quite a lot around Europe and having very interesting discussions on these issues with security experts, the media and governments.

During many of those discussions, we have been together thinking about why cybersecurity was not a strong theme in your elections. And one European point of view is that, in many ways, European countries are actually following very carefully your cybersecurity policy and what you have already done and are using your solutions in cyberpolicy as a guide for their own policies.

Where do the main cyberthreats come from?

It is not always about the capabilities. There has to be intention to use those capabilities, and I think the same logic goes to the cyberdomain as it goes for the physical world and thinking about who has the main intentions to harm your society.

At this moment I would say that the threat comes from Iran and possible terrorist groups. But at the same [time], I have to say when we are so concentrated on cyberwar problems, I would announce strongly that thinking about the security of the U.S., the main threats in the cyberdomain are cybercrime and cyberespionage, especially espionage against your country. That is very evident and something China is doing very strongly at this moment. All the nations are dealing with the same issue against each other, but I think China is the main source concerning cyberespionage. When talking about cybercrime, Russia is the main opponent at this point.

What about an attack on the infrastructure of the U.S. power grid?

I don’t want to cause too much fear or put too much emphasis on this threat, but I have to be honest, especially referring to my research background. If I would like to harm your nation, I would not use any physical power. I would use cyberweapons against your critical infrastructure, affecting your power grids, for example, and transportation systems. The U.S. has become much more dependent on the functionality of the digital world, which I call cyberdomain and cybersecurity, everything in the physical world nowadays is controlled digitally.

If I wanted to harm your society, I would take your electricity and water away for a while. And I think from a military point of view, this raises a new question because usually when we are talking about war, it is between armies fighting in the air and on the sea and so on. But when I think about cybersecurity and the possible targets, they are not military, they are against critical infrastructure because you are so dependent on it.

Because of this, it is very important to raise the concept of resilience. When I think of my own country’s security from a comprehensive point of view, the main thing that Finland has as a strength is the resilience of the whole society, meaning whatever the threat is and however badly Finland society would be harmed, damaged or even paralyzed, we have other options to work and continue to function and plans and the capabilities to re-establish our systems.

You have to have resilience, meaning whatever happens, you’re not paralyzed. You [must] have other systems to continue, so whatever happens you can continue functioning. You have to show the attacker that, if you are attacking us, we don’t paralyze, we have the resilience. And secondly, we will find you, wherever you are attacking from.

And you must have offensive cybercapabilities. This is a very sensitive issue. For example, in France, there is no discussion at all on this and the same goes for Finland. You must give others the feeling that you have the offensive cyberabilities, and if you are attacked, when you locate your enemy, you are ready to use your offensive capabilities.

How do you develop that resilience?

That is something we are thinking about a lot these days. When I think about the future of security, especially defense, we have so many different threats you can’t be prepared against them all. The main starting point is to build and strengthen your resilience.

That starts mentally — thinking that whatever happens you don’t paralyze. Many times I have used this as an example: We had a very bad storm last winter and my house almost ran out of water and electricity for three days. So there were no lights, no heating, no water to use in the whole area. We were not able to get money from the banks for gas, and we couldn’t go to the store because it was closed. People panicked.

They didn’t have fireplaces in their homes; they were 100 percent reliant on electricity for heat, and when the electricity went off it got cold. But many of my neighbors moved on the second day to other cities in order to have electricity. I think this is a good example of resilience, that whatever happens, you have to be prepared for different situations and you must have the options to build your resilience.

Image from Shutterstock

This story was originally published by Emergency Management


| More

Comments

Dan Lohrmann    |    Commented February 14, 2013

Jim, This is a good piece. However, I disagree with the statement: "not enough, attention is being given to the threats posed by cyberattackers." There were thousands of articles on this cyberthreat topic in 2012, and many were headlines in major newspapers. However, other issues such as our national debt, elections, immigration, and more, tend to grab attention. I agree on the other points made - especially on resilience. Nevertheless, most users of technology still choose "easy to use" over security, until it is often too late. Thanks for the article, Dan

Harv Whitney    |    Commented February 14, 2013

Jim, Great article and I agree with what you have said concerning Cyber Security. Clearly there have been numerous examples over the past few years where many of our Defense Agencies alleged secure computer systems have been hacked and penetrated. This extends way beyond our Defence Agencies to include Banks, credit card companies just for an opener. We have as you have so well stated a very very serious issue here that needs to be proactively addressed now not tomorrow.

Jimmy76    |    Commented February 15, 2013

Just in the last several weeks, there have been major attacks against government and major US corporation computer systems. I will use the words attack and threat to describe these events. If it is sponsored by a foreign nation, how come there can't be a military response? Shutting down our infrastructure and stealing our trade secrets just seems the same as an invasion. If nothing else, it is a precursor to one or part of one.

Larry Karisny    |    Commented February 19, 2013

I have written 28 articles on the subject www.govtech.com/authors/98561004.html and am concerned about too much talk and too little action. We have two problems as I see it. We are not securing what we need to secure and current security technologies are not working. With a trillion user connected apps and Internet of Things devices projected in the near future we better start getting serious about security now or we won't have a network to run on later.


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Redefining Citizen Engagement in a Mobile-First World
Today’s consumers are embracing the ease and convenience of anytime, anywhere access to the Internet from their mobile devices. In order for government and public sector organizations to fully engage with their citizens and provide similar service quality as their consumer counterparts, the time is now to shift to mobile citizen engagement. Learn more
McAfee Enterprise Security Manager and Threat Intelligence Exchange
As a part of the Intel® Security product offering, McAfee® Enterprise Security Manager and McAfee Threat Intelligence Exchange work together to provide organizations with exactly what they need to fight advanced threats. You get the situational awareness, actionable intelligence, and instantaneous speed to immediately identify, respond to, and proactively neutralize threats in just milliseconds.
Better security. Better government.
Powering security at all levels of government with simpler, more connected IT.
View All

Featured Papers