Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cyberwarfare

Terrorists Pose Cyber Security Threat, Former Defense Secretary Says

With the Obama administration reportedly circulating a draft of an executive order on cyber-security, former U.S. Secretary Robert Gates said in a keynote that nation-states are far from the only players on the cyber-battlefield.

With the Obama administration reportedly circulating a draft of an executive order on cyber-security, former U.S. Secretary Robert Gates said in a keynote that nation-states are far from the only players on the cyber-battlefield.

Senate Stalls with Amendments to Cybersecurity Bill

In a keynote today at the ISC2 Security Congress in Philadelphia, Gates – who served as defense secretary from 2006 and 2011 and is also a former director of the CIA – said the threat of cyber-war waged by nation-states in some ways is less problematic than the prospect of attacks from non-state actors. His comments echoed a similar sentiment shared by FBI Director Robert Mueller III at the RSA Conference earlier this year in San Francisco, when he warned that while terrorists had not been linked to a full-scale cyber-attack, such groups are using the web for recruitment and to help operations. 

“Presently the highest levels of cyber capability reside in nation-states,” Gates said. “But because U.S. military power provides a strong deterrent, most nation-states have no more interest in conducting an easily traceable and highly destructive cyber attack than they do a conventional military attack. The risk for them is too great. Terrorists however have no such hesitation.”

“With few assets to strike back at, they are hard to deter,” he continued. “If a terrorist group gains disruptive and destructive capability, we have to assume they will strike with little hesitation. So in cyber we have a small window of opportunity to act before the most malicious actors acquire the most destructive technologies.”

Adding to the threat landscape is the fact that getting involved in cyber-attacks does not require the resources and industrial infrastructure needed to mass produce military technology such as stealth fighters, he said.

“In contrast, cyber capabilities have low barriers to entry,” Gates said. “A small number of highly trained programmers using off-the-shelf equipment can develop toxic tools and deploy them with great effect.”

Gates’ comments come as reports surface that the Obama administration has drafted an executive order in light of the failure of Congress to pass a cyber-security bill. According to the Associated Press, among the order’s provisions are voluntary standards for companies and new regulations for systems considered particularly critical. In August, the Cybersecurity Act of 2012 failed to receive enough votes in the Senate to go to a final vote. 

Speaking general of national security threats, Gates said it is important as the government “careens towards the so-called fiscal cliff later this year” that it does not repeat the mistakes of the 1990s and begin cutting resources dedicated to national security simply because threats seem to have subsided, he said. The cuts during the 90s, he argued, played a role in the intelligence failures that preceded the terrorist attacks on Sept. 11, 2001.

Advertisement. Scroll to continue reading.

“This is not meant to excuse the real failures of leadership and execution that took place, but to realize that these failures must be understood in the context of those [military and intelligence] agencies being denied adequate resources to do all the things that are expected of them,” he said.

Related: Obama Considering Unilateral Action to Protect Critical IT Infrastructure

Related: The Intersecting Worlds of Fraud Prevention and Counter Terrorism  

Written By

Marketing professional with a background in journalism and a focus on IT security.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Understand how to go beyond effectively communicating new security strategies and recommendations.

Register

Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.

Register

Expert Insights

Related Content

Cyberwarfare

WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...

Cyberwarfare

Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.

Cybercrime

Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.

Cyberwarfare

Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Cybercrime

On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.

Cyberwarfare

The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...