[GLLUG] Director of National Intelligence Threat Assessment

[Stanley C. Mortel]

DNI CYBER THREAT SUMMARY
DNI has just released a new unclassified threat assessment.  Below is a
summary of the assessment; the whole document can be found at:
http://www.dni.gov/testimonies/20080205_testimony.pdf

THE CYBER THREAT

The US information infrastructure-including telecommunications and
computer networks and systems, and the data that reside on them-is
critical to virtually every aspect of modern life. Therefore, threats
to our IT infrastructure are an important focus of the Intelligence
Community. As government, private sector, and personal activities
continue to move to networked operations, as our digital systems add
ever more capabilities, as wireless systems become even more ubiquitous,
and as the design, manufacture, and service of information technology
has moved overseas, our vulnerabilities will continue to grow.

STATE AND NON-STATE CYBER CAPABILITIES
Our information infrastructure-including the internet,
telecommunications networks, computer systems, and embedded processors
and controllers in critical industries- increasingly is being targeted
for exploitation and potentially for disruption or destruction, by a
growing array of state and non-state adversaries. Over the past year,
cyber exploitation activity has grown more sophisticated, more targeted,
and more serious. The Intelligence Community expects these trends to
continue in the coming year.

We assess that nations, including Russia and China, have the technical
capabilities to target and disrupt elements of the US information
infrastructure and for intelligence collection. Nation states and
criminals target our government and private sector information networks
to gain competitive advantage in the commercial sector. Terrorist
groups-including al-Qa'ida, HAMAS, and Hizballah-have expressed the
desire to use cyber means to target the United States. Criminal elements
continue to show growing sophistication in technical capability and
targeting, and today operate a pervasive, mature on-line service economy
in illicit cyber capabilities and services available to anyone willing
to pay.

Each of these actors has different levels of skill and different
intentions; therefore, we must develop flexible capabilities to counter
each. It is no longer sufficient for the US Government to discover cyber
intrusions in its networks, clean up the damage, and take legal or
political steps to deter further intrusions. We must take proactive
measures to detect and prevent intrusions from whatever source, as they
happen, and before they can do significant damage.

At the President's direction, an interagency group reviewed the cyber
threat to the US and identified options regarding how best to integrate
US Government defensive cyber capabilities; how best to optimize,
coordinate and de-conflict cyber activities; and how to better employ
cyber resources to maximize performance. This tasking was fulfilled with
the January 2008 issuance of NSPD-54/HSPD-23, which directs a
comprehensive national cybersecurity initiative. These actions will help
to deter hostile action in cyber space by making it harder to penetrate
our networks.



****************************
Stan Mortel
mortel at cyber-nos.com
****************************