“The attackers are ahead of the defenders in cyber space”, warned Deputy Defense Secretary William Lynn in remarks on the Department of Defense cyber strategy. Lynn further noted that “the technology for intrusions is far ahead of the technology for defenses”.
While the U.S. offensive capability is unmatched at present, the defensive dimension remains dangerously weak, leaving open to our adversaries targets that are both vulnerable and highly valuable.
Admiral Mike McConnell echoed this warning, voicing his concern that the U.S. Cyber Command could not defend the country because Washington’s current cyber-command structure is predominantly focused on defending the Pentagon along with a few other government agencies, but not the civilian infrastructure.
“All the offensive cyber capability the U.S. can muster won’t matter if no one is defending the nation’s private-sector infrastructure from a cyber attack”, stated the Admiral. Until the U.S. figures out the defensive end of this, we remain hugely, even shockingly, vulnerable.
Because the Obama administration underestimated this threat and failed to develop a coherent policy on how to defend our infrastructure against it, Sony Pictures Entertainment was rendered defenseless in an unprecedented cyber attack.
The attack was committed by a hacker group going by the name of the “Guardians of Peace” or “GOP”, which promised a “9/11 style terrorist attack” and forced Sony to pull the theatrical release of the controversial film “The Interview”, which depicted the assassination of Kim Jong-un.
While the Obama administration on Friday formally accused the North Korean government of being responsible for the devastating attack, the actual perpetrator went unnamed. Obama deliberately omitted naming the country that was more than likely responsible for the attack: China.
According to the FBI:
North Korea’s involvement has been suspected for weeks, though investigators now believe that the malicious software was either launched from mainland China or that it was disguised to make it appear that it did.
While the FBI has formally blamed North Korea, they also stated that they
Believe China is involved because of the sophistication of the malware, which came in the form of “modules or packets,” has never been seen from North Korea; it has only been seen from Iran, China and Russia. The hack appears to have been deployed only after the perpetrators stole user credentials from a high level source, or sources, inside Sony.
The disclosure about North Korea’s involvement came just after Sony hired FireEye Inc.’s Mandiant forensics unit, which last year published a landmark report with evidence accusing a Chinese military intelligence unit of the People’s Liberation Army, known as Unit 61398, of hacking into more than 140 companies over six years.
In Mandiant’s 60-page report that exposed one of China’s espionage units, it was revealed that Chinese hackers had targeted and penetrated just about every institution of American life.
According to Kevin Mandia, the founder and chief executive of the Mandiant forensics unit:
The targets ranged from the U.S. military and government to defense-industry firms, energy and communications infrastructure, think tanks, law firms, embassies, media companies – including the New York Times, Bloomberg, the Washington Post, and others – and manufacturing.
Hiring Mandiant is more than telling, given the work the group has done tracking the behavior of Chinese hackers. It would follow that China had basically committed the initial hack and then sold the access to the GOP. Once the GOP had access, the hackers grabbed data and set up an elaborate timetable of release.
In a nutshell, David Robb from Deadline concludes that “a Chinese military officer might have outsourced the stolen data to the hacktivist group that calls itself the Guardians of Peace, which then released the mountain of stolen information to the media”.
It shouldn’t surprise anyone that Obama’s reaction today was to omit all mention of China, as the President took the same route after a cyber attack last year in which terabytes of data were stolen from multiple American corporations.
In February 2013, the administration circulated to the nation’s Internet providers a lengthy confidential list of computer addresses linked to a hacking group that had stolen terabytes of data from American corporations. Obama avoided mentioning China by name and left out one crucial fact: that nearly every one of the digital addresses could be traced to the neighborhood in Shanghai that is headquarters to the Chinese military’s cyber command.
The very same headquarters pointed out by Mandiant.
The overarching theme of these cyber attacks is that we are more than vulnerable to attacks because our own government has only prepared defenses for itself and not the people. We confront a relentless enemy, yet we have, to date, not dared to call him an enemy and confront him openly.
America dodged a bullet this time, but if this attack on Sony has taught us anything, it is that something bigger is coming.