The nature of cybersecurity attacks is becoming more dangerous and the threats on business and government more disturbing, a group of IT and cybersecurity experts said at a Cybersecurity Summit, held by the Washington Post Oct. 3.

"I think that people need to understand that in the last 12 months there's been a qualitative change," said Craig Mundie, senior adviser to the CEO at Microsoft. "The threats are moving to destructive attacks. Unlike conventional weapons, every time someone shoots one of these weapons, the bad guys get to watch it, then clone it."

Gen. Michael Hayden, former director of both the National Security Agency and the CIA, told attendees that U.S. computer networks -- not just government systems, but corporate systems and ordinary citizens' computers -- face layers of threats. While concerns about systematic penetration by nation states such as China, India and Russia are well recognized, that threat primarily is of intellectual property theft.

"We steal stuff, I admit that," he said of U.S. intelligence community efforts, "but we do it to protect citizens, not to get rich."

More concerning are the emerging threats that want to damage systems, such as the cyber attack against the Saudi Arabian national gas company Aramco. Hayden pointed out that about 35,000 hard drives were wiped clean in that attack.

The emerging new groups of attackers act on a wide range of motives. They are "just mad, mad at the world. Blessedly, they are the least capable right now," Hayden said, but "they may acquire capabilities comparable to nation states and criminals."

... Read full story on InformationWeek


Post a comment to the original version of this story on InformationWeek