Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Hackers Shifting to ‘Destruction’: US Cyber Chief

WASHINGTON – Hackers are stepping up the intensity of their attacks, moving from “disruption” to “destruction” of key computer systems, the top US cyber-defense official said Monday.

General Keith Alexander, who is director of the National Security Agency and commander of the US Cyber Command, told a Washington forum that the new tactics could move beyond mere annoyances and begin causing severe economic damage.

WASHINGTON – Hackers are stepping up the intensity of their attacks, moving from “disruption” to “destruction” of key computer systems, the top US cyber-defense official said Monday.

General Keith Alexander, who is director of the National Security Agency and commander of the US Cyber Command, told a Washington forum that the new tactics could move beyond mere annoyances and begin causing severe economic damage.

“We are seeing the threat grow from exploitation to disruption to destruction,” he told the group at the Woodrow Wilson Center.

He argued that these attacks could impact organizations ranging from stock markets to power grid operators — “all of that is in the realm of the possible.”

These types of destructive attacks can wipe out data, which could bankrupt a company or disable the control systems operating key infrastructure.

“It could overwrite the ability of a system to turn on,” Alexander said.

“Think about a company that loses all the data on its system… If you wipe out the data, you wipe out the ability of the system to operate.”

Alexander said the best way to protect against these types of attacks is to implement an information sharing system between the private sector and government agencies — as was proposed in cybersecurity legislation that failed this year in Congress.

Advertisement. Scroll to continue reading.

Such legislation could include mandatory or voluntary reporting guidelines for when attacks occur, and it could allow those reporting the incidents to be immune from liability.

Senator Susan Collins, a sponsor of the failed cybersecurity bill, told the same forum the need for new laws remains high.

“I hope we don’t have to wait for a ‘cyber 9/11’ for action to happen,” she said. “These problems are not going to go away.”

Both Collins and Alexander said, despite news the White House is considering an executive order, the legal framework for cybersecurity protection must come from legislation.

Collins said she told President Barack Obama that an executive order would be “a big mistake” and “cannot accomplish what legislation can.”

She added that an executive order “could lull people into a false sense of security.”

The two spoke the same day the White House acknowledged that one of its own computer networks was hit by a cyber attack, but said no classified systems were breached and there was no indication any data was lost.

An administration official spoke up after a report from a right-wing news site that Chinese hackers had breached a key White House military system.

The US official said the attack was against “an unclassified network” and was a case of “spear phishing,” in which a spoofed email tricks a user into clicking through to a website where a hacker can install malicious software or gain control of another computer.

“These types of attacks are not infrequent, and we have mitigation measures in place,” the official said.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cybercrime

The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Cybercrime

As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.

Cybercrime

A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...

Cybercrime

Luxury retailer Neiman Marcus Group informed some customers last week that their online accounts had been breached by hackers.

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cybercrime

Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Artificial Intelligence

The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.