A destructive attack from cyberspace "is coming, in my opinion. It is a question of time. What we don't know is how far out it is," and whether it will target commercial infrastructure, government networks or mobile platforms, Army General Keith Alexander told attendees of the "Maneuvering in Cyberspace" symposium this week.
Alexander, commander of US Cyber Command and director of the National Security Agency, said that as the United States has been on the leading edge in developing technology capabilities, it needs to be a leader in defending against cyber threats, according to an Armed Forces press release on the speech.
55,000 new pieces of malware a day
The cost of cybercrime to the global economy is estimated at $1 trillion Alexander stated and malware is being introduced at a rate of 55,000 pieces per day, or one per second. As troubling as these statistics may be, Alexander said his bigger concern is, "what's coming: a destructive element."
Alexander called cybersecurity a team sport that the government and public sector need to work together on to strengthen. He cited the US International Strategy for Cyberspace, issued in May, and the Defense Department (DoD) cyber strategy, released in July, as recent government efforts to bolster cybersecurity.
The Defense Industrial Base Cyber Pilot is also a step in the right direction, he stated. The program authorises the DoD to share classified threat intelligence with participating defense contractors or their commercial ISPs so they can increase their cyber defenses and prevent enemy intrusions into sensitive government networks.
Hundreds of intrusions stopped by new program
A recent Network World article noted that halfway through a 90-day trial, the DoD said it has stopped hundreds of attempted intrusions it would have missed otherwise without its pilot program of sharing classified information about cyber threats with military contractors through the Defense Industrial Base Cyber Pilot. The program, which involves 20 contractors, has been so successful that it may be expanded to the entire U.S. industrial base.
The general's comments also come on the heels of a study out this week that called for the U.S. to significantly cybersecurity intelligence. The study by the Intelligence and National Security Alliance's (INSA) Cyber Council stated that the dilemma that exists in the current cyber-intelligence arena is that the Department of Homeland Security has the authority but lacks the experience and capabilities to orchestrate a comprehensive approach to cyber-intelligence. The DoD has much of the actual cyber-intelligence capabilities, and private industry owns most of the infrastructure.