Experts: Iran and North Korea are looming cyberthreats to U.S.
The two countries may lack some capabilities, but they have strong intentions to do harm, experts say
IDG News Service - Cyberattacks supposedly originating from China have raised alarms in recent weeks, but U.S. businesses and government agencies should worry as much about Iran and North Korea, a group of cybersecurity experts said.
China and Russia have significantly more sophisticated cyberthreat capabilities than do Iran and North Korea, but the two smaller countries are cause for concern in international cybersecurity discussions, the experts told a U.S. House of Representatives subcommittee Wednesday.
While China and Russia maintain active diplomatic ties with the U.S., which should discourage them from launching major attacks on the U.S., Iran and North Korea may be driven to attack the U.S. out of desperation to maintain their political regimes in the face of global isolation, said Frank Cilluffo, director of the Homeland Security Policy Institute and co-director of the Cyber Center for National and Economic Security at George Washington University.
Iran still lacks the capabilities of Russia and China, but it has been testing its cyberattack abilities in recent months, Cilluffo said. "The bad news is ... what they lack in capability, they more than make up for in intent," he said. "Whatever [capability] they don't have, they can turn to their proxies or buy or rent."
Iranian attackers can buy botnets that can disrupt U.S. businesses, he told the House Homeland Security Committee's cybersecurity subcommittee. Cybersecurity experts have pinned a series of denial-of-service attacks on U.S. banks early this year, and a 2012 attack on Saudi Arabia's national oil company, Aramco, on Iranian hackers.
North Korea is a "wild card," Cilluffo added. The country is actively seeking cyberattack capabilities, he said.
Hackers in China and Russia are largely focused on espionage and theft, but those two countries have less interest at the moment in damage-causing cyberattacks on the U.S., Cilluffo said. The capabilities of China and Russia make them advanced persistent threats, but "they have some modicum of responsibility and recognize that we can retaliate," he said.
Iran and North Korea are more unpredictable, witnesses at the hearing said. Iran seems to be focusing its cyberattack capabilities on retaliation against the U.S. and Israel if the two countries attempt to shut down its nuclear program, said Ilan Berman, vice president of the American Foreign Policy Council, a think tank. That focus makes Iran "particularly volatile," he said.
Iran's attack on Aramco in mid-2012, causing damage to 30,000 computers, was a warning to the U.S. and other countries about the country's growing capabilities, Berman said. Iran is "outlining how they would act in the event of a breakdown in relations," he said. The Aramco attack "can be seen as a signaling mechanism by which Iran is telegraphing to the international community" its plans to attack critical infrastructure if war breaks out.
Representative Mike McCaul, a Texas Republican, asked when cyberattacks cross the line into warfare. "At what point do we respond?" he said.
Berman said he couldn't answer that question. Instead, U.S. defense and intelligence officials need to make that decision, he said.
Cyberattackers are changing their tactics as large U.S. companies harden their defenses, said Richard Bejtlich, CSO at security vendor Mandiant, which recently pinned responsibility for several espionage campaigns on a Chinese government cyberunit. Attackers are often targeting smaller companies that partner with large organizations, and then working their way in to the larger target, he said.
The attacks are often successful because "there's an imbalance between offense and defense," Bejtlich added. "A single attacker or group of attackers can keep hundreds or thousands of defenders busy."
Grant Gross covers technology and telecom policy in the U.S. government for The IDG News Service. Follow Grant on Twitter at GrantGross. Grant's e-mail address is email@example.com.
- 10 Hot Big Data Startups to Watch
- 11 Unique Uses for Google Glass, Demonstrated by Celebs
- How to Export Your Google Reader Account
- How to Better Engage Millennials (and Why They Aren't Really so Different)
- Telltale signs of ATM skimming
- 20 security and privacy apps for Androids and iPhones
- Big screen con artists: 7 great movies about social engineering
The Pentagon's cybersecurity budget through 2018 is $23 billion to protect critical infrastructure and develop cyberattack capabilities. Although America and Chinese presidents discussed cybersecurity and cyber espionage, China is hitting back about US nation state hacking. Those cyberattacks could be from elite cyberwarfare warriors working in a secret NSA office called Tailored Access Operations (TAO); it has been successfully hacking China for nearly 15 years.
- IT Certification Study Tips
- Register for this Computerworld Insider Study Tip guide and gain access to hundreds of premium content articles, cheat sheets, product reviews and more.
- Federal IT Innovation Caught in a Catch-22
- Fed resources shoring up old infrastructure, holding back new technologies.
- Top Three Reasons Why Customers Deploy EMC VNX with EMC VPLEX
- What if you could build a cost effective, continuously available storage infrastructure? Learn the top reasons users are deploying EMC VNX with EMC...
- Clearing the Clouds for Midmarket Businesses
- The 10-point checklist included in this expert brief has been developed to help small and midsize businesses select the cloud model and cloud...
- Perforce Case Study
- Learn how EMC cost-effectively transformed their infrastructure and improved storage performance by 60% by unifying storage, deploying virtualization and leveraging Flash to meet...
- Data Center Transformation: Balancing user demands with IT mandates
- There's a flood of user requirements, computing trends, and new technologies driving the need for you to look closely at your IT infrastructure. All Government IT White Papers
- Williams & Fudge on Transforming IT with EMC
- Watch Williams & Fudge Data Center Director Phillip Reynolds discuss why this accounts receivable management firm turned to EMC.
- The Success Network: Driving Business Forward
- The communications and connectivity infrastructure of your organization is the focus of this KnowledgeVault Exchange, sponsored by Comcast Business.
- Advanced Voice Solutions for Your Business
- How can hosted business class voice services help mid-sized business be more agile, competitive and ready for growth?
- Bring Mobile Innovation to your Enterprise.
- With the mobility revolution well underway, CIO's and Line of Business owners are faced with the struggle to develop a winning mobile strategy.
- Innovation in the Cloud
- Managing HR and financial information in the modern business requires efficient business practices and technology. All Government IT Webcasts