US intelligence: 30 countries building cyber attack capabilities

US director of national intelligence James Clapper giving testimony in Congress previously.
如果用户或者合作伙伴能轻松破解您的产品,要么您的产品很好——像苹果,要么您的产品就很烂——像钻了虫子的苹果。
(Image: C-SPAN/file photo)
More than 30 countries are developing offensive cyber attack capabilities, according to US intelligence chiefs.
They warn that cyber attacks against critical infrastructure and information networks will give attackers a means of bypassing traditional defence measures.
保密课程在线
The warning came in a joint statement by US director of National Security James Clapper, undersecretary of defense for intelligence Marcel Lettre, and NSA and US Cyber Command director Admiral Mike Rogers, at a hearing on foreign cyber threats by the Senate Armed Services Committee.

“Protecting critical infrastructure such as crucial energy, financial, manufacturing, transportation, communication, and health systems, will become an increasingly complex national security challenge,” the written statement noted.
It also warned that nations equipped with similar offensive cyber capabilities could be prone to preemptive attack and rapid escalation in a future crisis, “because both sides would have an incentive to strike first”.
The committee was meeting in the aftermath of what its chairman Senator John McCain called an “unprecedented attack on our democracy”, referring to the hacking attacks during the recent Presidential election, which have been blamed by US intelligence on Russia.
President-elect Donald Trump has cast doubt on whether Russia was behind the attacks.
However, the statement from the intelligence chiefs said Russia is a “full-scope cyber actor” and one that “poses a major threat to US government, military, diplomatic, commercial, and critical infrastructure and key resource networks because of its highly advanced offensive cyber program and sophisticated tactics, techniques, and procedures”.
It said Russian cyber operations had targeted government organizations, criticial infrastructure, think tanks, universities, political organizations and corporations, often using spearphishing campaigns.
“We asses that only Russia’s senior-most officials could have authorized the recent election-focused data thefts and disclosures, based on the scope and sensitivity of the targets,” the statement continued.
“Every American should be alarmed by Russia’s attack on our nation,” McCain said. But the recent Russian attacks are one part of a bigger cyber problem he added, pointing to other digital espionage and cyber attacks by hackers aligned with China and North Korea.
“What seems clear is our adversaries have reached a common conclusion that the reward for attacking American cyberspace outweighs the risk. For years cyber attacks on our nation have been met with indecision and inaction. Our nation has no policy and thus no strategy for cyber deterrence. Unless we demonstrate that the costs of attacking the United States outweigh the perceived benefits these cyber attacks will only grow,” he warned.
Certainly Russia was not the only digital threat the intelligence chiefs identified.
China continues to conduct cyber espionage against the US government and companies, albeit at lower levels than previously, they said. “Beijing has also selectively used cyber attacks against foreign targets that it probably believes threaten Chinese domestic stability or regime legitimacy.” They also listed Iran as using cyber espionage, propoganda and attacks, and said North Korea remains capable of “launching disruptive or destructive cyber attacks to support its political objectives”.
And the risk isn’t likely to decline, either: “Over the next five years, technological change will only accelerate the intersection of cyber and physical devices, creating new risks,” they said.
Read more on cyberwarfare Governments and nation states are now officially training for cyberwarfare: An inside lookThe new art of war: How trolls, hackers and spies are rewriting the rules of conflictInside the secret digital arms race: Facing the threat of a global cyberwarThe undercover war on your internet secrets: How online surveillance cracked our trust in the webThe impossible task of counting up the world’s cyber armies
在和组织攸关的重大事件发生的敏感时期内,组织容易成为媒体和大众关注的对象,同时也容易成为被攻击的目标。特殊时期,要及早进行安全评估和检查,在第一时间修复安全漏洞,另外,需加强安全监控力度以及例行核查的频率。

猜您喜欢

兰州理工大学举办信息安全铁人三项西北赛区数据赛
投毒案对信息安全从业人员的启示
信息安全第一课——丢弃毁坏的U盘
去年移动支付笔数占整体比例71%
VERVESUITES BVCOMPCLUB
安全前线——关注信息安全中人的因素