18 June 2018
Robert Siciliano

Identity Theft Expert

Robert Siciliano - IDTheftSecurity.com

749Posts 2,167,019Views 62Comments

Expanding Internet Capabilities Makes U.S. Vulnerable

29 December 2009  |  4214 views  |  0

The FBI considers the cyber threat against our nation to be one of the greatest concerns of the 21st century.

Steven R. Chabinsky is deputy assistant director of the cyber division of the Federal Bureau of Investigation. This article is sourced from GovInfoSecurity.com and was adapted from written testimony he delivered earlier this month to the Senate Judiciary Committee’s Subcommittee on Terrorism and Homeland Security.

“Despite the enormous advantages of the Internet, our networked systems have a gaping and widening hole in the security posture of both our private sector and government systems. An increasing array of sophisticated state and non-state actors have the capability to steal, alter or destroy our sensitive data and, in the worst of cases, to manipulate from afar the process control systems that are meant to ensure the proper functioning of portions of our critical infrastructure. Moreover, the number of actors with the ability to utilize computers for illegal, harmful, and possibly devastating purposes continues to rise.

When assessing the extent of the cyber threat, the FBI considers both the sophistication and the intent of our adversaries. The most sophisticated actors have the ability to alter our hardware and software along the global supply chain route, conduct remote intrusions into our networks, establish the physical and technical presence necessary to re-route and monitor our wireless communications, and plant dangerous insiders within our private sector and government organizations. The actors that currently have all of these capabilities – which is a finding that is distinct from whether and when they are using them – include multiple nation states and likely include some organized crime groups.

In the cyber realm, the technical positioning an adversary requires to steal data typically provides them with the very same access and systems administrator rights that could be used for destructive purposes. As a result, computer network exploitation – the ability of foreign spies to monitor our networks and steal our secrets – might simultaneously provide our enemies with pre-positioned capabilities to conduct computer network attack – the ability to deny, disrupt, degrade, or destroy our information, our networks, and the infrastructure services that rely upon them.

With respect to organized crime groups, financially motivated cyber crime typically does not involve acts of violence or network destruction. The exception to this generality however is extortion. Cyber criminals can threaten to hold entire networks, or more simply the data on them, hostage to their demands. Often, cyber criminals have the technical sophistication and access to make good on their threats, especially if an insider is involved.

The FBI has not yet seen a high level of end-to-end cyber sophistication within terrorist organizations. Still, the FBI is aware of and investigating individuals who are affiliated with or sympathetic to al-Qaeda who have recognized and discussed the vulnerabilities of the U.S. infrastructure to cyber attack, who have demonstrated an interest in elevating their computer hacking skills, and who are seeking more sophisticated capabilities from outside of their close-knit circles. Should terrorists obtain such capabilities, they will be matched with destructive and deadly intent.

In addition, it is always worth remaining mindful that terrorists do not require long term, persistent network access to accomplish some or all of their goals. Rather, a compelling act of terror in cyberspace could take advantage of a limited window of opportunity to access and then destroy portions of our networked infrastructure. The likelihood that such an opportunity will present itself to terrorists is increased by the fact that we, as a nation, continue to deploy new technologies without having in place sufficient hardware or software assurance schemes, or sufficient security processes that extend through the entire lifecycle of our networks.”

Take control. Protect your identity. Get a credit freeze. Go to ConsumersUnion.org and follow the steps for your particular state. This is an absolutely necessary tool to secure your credit. In most cases, it prevents new accounts from being opened in your name. This makes your Social Security number useless to a potential identity thief.

Invest in identity theft protection and prevention. Not all forms of identity theft protection can be prevented, but identity theft protection services can dramatically reduce your risk.

TagsSecurityRisk & regulation

Comments: (0)

Comment on this story (membership required)

Latest posts from Robert

Are Your Employees Putting Your Company at Risk? Here’s How to Find Out!

18 May 2018  |  6167 views  |  0 comments | recomends Recommends 0 TagsSecurity

10 Internet Security Myths that Small Businesses Should Be Aware Of

11 May 2018  |  1764 views  |  0 comments | recomends Recommends 0 TagsSecurity

Mobile Phone Numbers Are as Sensitive as Your Social Security Number

19 April 2018  |  3549 views  |  0 comments | recomends Recommends 0 TagsSecurity

The Term Identity Theft Protection is Often a Lie

06 April 2018  |  7615 views  |  0 comments | recomends Recommends 0 TagsSecurity

Use a Password Manager Or You WILL Get Hacked

19 March 2018  |  4026 views  |  0 comments | recomends Recommends 0 TagsSecurity

Robert's profile

job title Security Analyst
location Boston
member since 2010
Summary profile See full profile »
Security analyst, published author, television news correspondent. Deliver presentations throughout the United States, Canada and internationally on identity theft protection and personal security....

Robert's expertise

Member since 2009
739 posts62 comments

Who's commenting on Robert's posts