US struggles to pinpoint cyber attacks: Top official
March 10, 2009
National Intelligence Director Dennis Blair testifies before the Senate Armed Services Committee on Capitol Hill in Washington, DC. The United States often cannot quickly or reliably trace a cyber attack back to its source, even as rival nations and extremists may be looking to wage virtual war, Blair warned Tuesday.
The United States often cannot quickly or reliably trace a cyber attack back to its source, even as rival nations and extremists may be looking to wage virtual war, a top official warned Tuesday.
"It often takes weeks and sometimes months of subsequent investigation," said US intelligence director Dennis Blair, "and even at the end of very long investigations you're not quite sure" who carried out the offensive.
China, Russia and other countries already could be potent online foes and terrorists may find it easier in the future to hire hackers to target key systems, Blair told the Senate Armed Services Committee.
"Terrorists are interested in using cyberweapons, just the way they're interested in using most any weapon they can use against us," notably to target systems critical to the high-tech driven US economy, he said.
"We currently assess that their capability does not match their ambitions in that area, although that's something we have to work on all the time because things become more widespread, terrorists can find hackers to work for them," he said.
"It is a concern, but right now I'd say their capability is low and, in addition, I think the more spectacular attacks that kill a lot of people on very publicly is what they are looking for," said Blair.
Blair told the panel, which was looking at global threats to US interests, that Washington is "absolutely" trying to speed up what is now the "very slow and painstaking" process of determining who carried out a cyberattack.
(c) 2009 AFP



We could do like China has and use packet sniffing at key intentionally created bottlenecks in the routes.
In the end it's a question of how much freedom and privacy you are willing to give up for security.
/* irony */
If government agencies would invest properly in security and training for its personnel, the majority of cyberattacks wouldn't even be possible.
Contrary to most people's views, you CAN be secure. You can't be 100% secure because there's always the human factor, trained or untrained, but the majority of cyberattacks are either on poorly secured software OR poorly secured workstations. Both of which are securable.
Or hiding by just spoofing your IP in IP4 isn't fool-proof. It just requires you to ask permission for the IP assignment info from several different private ISPs for their IP ranges.
But like ealex said, the human factor is the easiest way to get into a server and use it. Clicking yes to viruses, laziness in not updating/securing a server, trusting connections from other servers in your network, SIMPLE passwords or writing them down somewhere in your desk, etc.