US struggles to pinpoint cyber attacks: Top official

March 10, 2009 National Intelligence Director Dennis Blair

Enlarge

National Intelligence Director Dennis Blair testifies before the Senate Armed Services Committee on Capitol Hill in Washington, DC. The United States often cannot quickly or reliably trace a cyber attack back to its source, even as rival nations and extremists may be looking to wage virtual war, Blair warned Tuesday.

The United States often cannot quickly or reliably trace a cyber attack back to its source, even as rival nations and extremists may be looking to wage virtual war, a top official warned Tuesday.

"It often takes weeks and sometimes months of subsequent investigation," said US intelligence director Dennis Blair, "and even at the end of very long investigations you're not quite sure" who carried out the offensive.

China, Russia and other countries already could be potent online foes and terrorists may find it easier in the future to hire to target key systems, Blair told the Senate Armed Services Committee.

"Terrorists are interested in using cyberweapons, just the way they're interested in using most any weapon they can use against us," notably to target systems critical to the high-tech driven US economy, he said.

"We currently assess that their capability does not match their ambitions in that area, although that's something we have to work on all the time because things become more widespread, terrorists can find hackers to work for them," he said.

"It is a concern, but right now I'd say their capability is low and, in addition, I think the more spectacular attacks that kill a lot of people on very publicly is what they are looking for," said Blair.

Blair told the panel, which was looking at to US interests, that Washington is "absolutely" trying to speed up what is now the "very slow and painstaking" process of determining who carried out a cyberattack.

(c) 2009 AFP


print this article email this article download pdf blog this article bookmark this article     Stumble it Digg this share on Facebook retweet share on Reddit add to delicious
Rate this story - 3 /5 (3 votes)

Rank Filter

Move the slider to adjust rank threshold, so that you can hide some of the comments.


Display comments: newest first

  • brant - Mar 10, 2009
    • Rank: not rated yet
    Take away their internet.....
  • paulthebassguy - Mar 10, 2009
    • Rank: not rated yet
    The problem seems to me that there is too much bureaucracy in these investigations and not enough focus on the technological front line.
  • Arikin - Mar 11, 2009
    • Rank: not rated yet
    With such a large amount of traffic being routed through the USA, how are you going to track it?

    We could do like China has and use packet sniffing at key intentionally created bottle necks in the routes.

    In the end its a question of how much freedom and privacy you are willing to give up for security.
  • ealex - Mar 11, 2009
    • Rank: 5 / 5 (1)
    We need more wiretapping. Obviously.

    /* irony */

    If government agencies would invest properly in security and training for it's personel, the majority of cyberattacks wouldn't even be possible.

    Contrary to most people's views, you CAN be secure. You can't be 100% secure because there's always the human factor, trained or untrained, but the majority of cyberattacks are either on poorly secured software OR poorly secured workstations. Both of which are securable.

  • MGraser - Mar 11, 2009
    • Rank: not rated yet
    Perhaps it's time to revamp the communications protocol to something that allows better tracking/auditing. We've held onto IPv4, because I think everyone's nervous about trying to change such a global standard. However, if all the major players agree, coming up with a more accountable protocol might be the way to go. The current one works well, but is too open to modification, which is (I think) what allows these people to hide and deflect.
  • Arikin - Mar 11, 2009
    • Rank: not rated yet
    Mgraser, even old school techniques like connecting through several servers in a chain will work in IP6.

    Or hiding by just spoofing your IP in IP4 isn't fool-proof. It just requires you to ask permission for the IP assignment info from several different private ISPs for their IP ranges.

    But like ealex said, the human factor is the easiest way to get into a server and use it. Clicking yes to viruses, laziness in not updating/securing a server, trusting connections from others servers in your network, SIMPLE passwords or writing them down somewhere in your desk, etc.

March 10, 2009 all stories

Comments: 6

3 /5 (3 votes)
  • Stumble this up

  • Digg this

  • share this

  • hide

  • Related Stories

  • Hewlett Packard to create 500 jobs in Ireland
    created Mar 10, 2009 | popularity not rated yet | comments 0



  • hide

  • Relevant PhysicsForums posts

  • Aspiring Engineering major looking for general answers
    created Nov 19, 2009
  • Calculating max load of square tube (steel)
    created Nov 19, 2009
  • Passive Chemical Heating
    created Nov 19, 2009
  • Shortening Boat Trailer
    created Nov 18, 2009
  • More from Physics Forums - General Engineering

Other News

Suit over search-engine keywords tries new angle

Technology / Internet

created 11 hours ago | popularity 2.5 / 5 (2) | comments 0

(AP) -- A lawsuit in Wisconsin is bringing a fresh challenge to the practice of paying for keywords on Google and other search engines to boost one company's link over a rival's.


Screen of a computer featuring a search of the word "edition" on the home page of Google's website

Google books hearing set for February 18

Technology / Internet

created 13 hours ago | popularity not rated yet | comments 0

A US judge set February 18 for a hearing on the revised legal settlement between Google and US authors and publishers that would allow the Internet giant to scan and sell millions of books online.


Trust Linux!

Trust Linux!

Technology / Software

created 17 hours ago | popularity 4.3 / 5 (3) | comments 0

(PhysOrg.com) -- A team of researchers has implemented support for 'trusted computing' in a commercially available version of the open source operating system Linux, breaking new ground in the global drive ...


Newspapers are displayed at a newsstand

US newspaper ad revenue down nearly 28 percent

Technology / Business

created 11 hours ago | popularity not rated yet | comments 0

US newspaper advertising revenue fell by nearly 28 percent in the third quarter, continuing a slide which has led to layoffs, bankruptcies and the closure of several dailies.


Cisco has released a Web security app for iPhone

Cisco releases Web security app for iPhone

Technology / Software

created 13 hours ago | popularity 4.5 / 5 (2) | comments 0

Cisco on Friday announced the release of a free iPhone application for anyone who wants to stay on top of the latest trojans, worms, or other threats marauding on the Internet.




PhysOrg Account
advanced search
  • follow with twitter
  • follow on facebook
  • read with kindle
  • customize RSS
  • physorg mobile
  • newsletter