K.S. Rajan (16 Jan 2012)
"Defenses Against Hackers Are Like the ‘Maginot Line,’ NSA Chief Says"
“We put up a defensive perimeter and then we wait,” said the
general, who is also commander of the U.S. Cyber Command.
Instead of waiting, he said, companies and Internet providers
should be actively scanning for “signatures” that might indicate
new types of attacks and should then share these with others who
could be affected.
From yesterday's WSJ, FYI,
David
January 13, 2012, 9:30 AM
Defenses Against Hackers Are Like the ‘Maginot Line,’ NSA Chief
Says
U.S. companies still aren’t taking the threat of computer
attacks seriously enough, despite a recent string of
high-profile security failures, top government cybersecurity
officials said this week.
“We need to become more active in our defense,” said General
Keith Alexander, the director of the National Security Agency,
on Thursday at the Federal Bureau of Investigation’s
International Conference on Cyber Security.
Gen. Alexander compared current business defenses to the Maginot
Line, the French fortifications built after World War I that
failed miserably once Germany attacked in World War II. “We put
up a defensive perimeter and then we wait,” said the general,
who is also commander of the U.S. Cyber Command.
Instead of waiting, he said, companies and Internet providers
should be actively scanning for “signatures” that might indicate
new types of attacks and should then share these with others who
could be affected.
Gen. Alexander and others at the conference said attacks were
becoming more prevalent. They pointed to a string of
well-publicized attacks beginning with the hacking of NASDAQ systems
in October 2010 and including the compromise of companies such
as Sony and security firm RSA last year.
“People ask, ‘What’s wrong with these guys?’” Gen. Alexander
said. “Actually, they’re the gold standard for securing cyber.
They’re the ones that know they’ve been hacked.” Often, he said,
government investigators will find that companies have been
victims for many months and haven’t noticed.
In spite of a steady drumbeat of stories about such attacks,
“people still ignore the threat,” said Shawn Henry, executive
assistant director of the FBI. “They don’t see this risk,” he
said.
Mr. Henry said there is a misconception that only e-commerce and
banking companies are vulnerable to attacks but that the real
danger now comes from theft of internal information such as
personal data, research and development or intellectual
property.
But the problem doesn’t lie only with the potential victims,
speakers said. Rob Joyce, deputy director of the information
assurance directorate of the NSA, said it needs to be easier for
companies to protect themselves without devoting huge amounts of
staff to the task.
“Eighty percent of the compromises can be thwarted by basic
blocking and tackling,” he said. “Automation is the only way we
close the 80% threat.”
– Jennifer Valentino-DeVries and Julia Angwin