The FBI announced recently it considers cyber attacks to be the third greatest threat to the security of the United States. The only two preceding it are nuclear war and weapons of mass destruction (WMD). This was recently stated by Shawn Henry, assistant director of the FBI's cyber division. A cyber attack is typically inexpensive and can be easily developed in clandestine operations. The creation of a Cyber Weapon requires only a few things. The first is a means and vulnerability and there are plenty of those. The rest are software developers, development tools, the intent and a way to get the weapon to an adversary's computer system or network.
Since they talked about cyber along side of WMD attacks, I thought it would be interesting to look at spending on the two. This comparison is in no way meant to minimize or overlook the catastrophic loss of life that is sure to occur in a nuclear war or use of WMD. It is just to look at the threat and the attention and dollars being given to each. The United States spent a reported $52 billion plus on nuclear weapons and related programs in fiscal year 2008. Based on our research, the classified Presidential Directives signed in 2008 combined with other programs are estimated at around $40 billion in total. That is close -- so one might draw the conclusion that the government feels this threat is very real and the implications of such an attack warrant the significant spending. However, there is more to managing the risk of cyber attack than research, hardware, software and services! The policy side of cyber attacks and cyber weapons is perhaps more important.
Recommended Policies:In government speak a policy is the basic principle by which a government is guided. These policies also declared objectives which a government seeks to achieve and preserve in its self interest. The first of this year I sent a document to the United Nations and the Security Council outlining the threat, the trends, and recommendations to address this critical risk to world peace. In February 2009, while speaking at the United Nations in New York, I called upon the UN to take a much more pragmatic and prominent role in protecting against the imminent threat of cyber attacks, cyber terrorism and cyber warfare. I went on to state that without immediate action it is just a matter of time before the world experiences a new global threat -- the threat of a massive cyber attack or war! What I was talking about is the development of policies surrounding the cyber attack issue.
On February 18th,2009 UN Secretary-General Ban Ki-moon stated that this year the Board will be considering cyber warfare and its impact on international security, as well as the equally critical issue of verification. His words were part of a discussion about the need for the international community to advance beyond the stalemate that continues to hinder our work for disarmament and nuclear proliferation. Below are what I think the first steps should be.
First Five Steps:
1. The United Nations needs to define what constitutes a cyber attack, what constitutes an act of cyber war is and define what constitutes an act of cyber terrorism and as well as a uniformly accepted definition of a cyber weapon.
2. The United Nations must create an accord that addresses the threat of cyber attacks and set forth corrective measures that will be taken for those who chose to violate the terms and conditions it sets forth. The agreement must also require cooperation of all member countries with the investigation and prosecutions attackers.
3. Require all countries to report in a uniform fashion all acts and events that meet the criteria set for cyber attacks, cyber war, and cyber terrorism on a quarterly basis.
4. The United Nations must submit a classified, independently audited, annual accounting of all cyber related activities including programs, defenses, spending and acts or events of cyber attacks, cyber war, and cyber terrorism to the Secretary of the UN and the UN Security Council.
5. Develop better cyber intelligence collection and measures to explain the current and potential threat environment to member nations. In addition this intelligence will be used to monitor and take action against those who violate the accord.
We live in dangerous time and it appears many areas of the world are becoming more and more unstable. The global nature of the Internet demands that the United Nations take a lead role and a proactive approach for dealing with the cyber threats that appear to be escalating at an accelerating pace. Failure for the United Nations to accelerate their efforts could further intensify friction caused by these cyber skirmishes and increase international tensions.