By Tom Still
In the bad old days of the Cold War, people worried about missile silos in the Soviet Union.
In the emerging world of cyber-warfare, the most pervasive threats may come from nests of sophisticated computer hackers in Shanghai, Tehran or Pyongyang.
The Feb. 18 release of a private report that tracked 141 corporate data thefts to China, perhaps even to units of the People’s Liberation Army itself, has heightened government and private concerns about cyber-attacks. Increasingly at risk are some of America’s lifelines – including its energy pipelines, its water supply, its health-care networks and its financial institutions.
Read this column in the Wisconsin State Journal here.
Hackers have hit thousands of U.S. companies in the last few years, including Twitter, Facebook, Coca-Cola and Apple, but few publicly admit it for fear of looking weak to competitors, customers and shareholders. Stolen data may include proprietary processes, blueprints, contact lists and, in the case of government data, national security information.
During his State of the Union address, President Obama noted the growing threat of cyber-attacks, saying “we cannot look back years from now and wonder why we did nothing in the face of real threats to our security and our economy.”
Obama also signed an executive order in February encouraging information sharing about online threats between the government and private companies.
Strategies for guarding against cyber threats will be explored Feb. 26 during a Wisconsin Innovation Network luncheon meeting in Madison, where two experts on the front lines of defense will discuss how state expertise is being tapped.
Miron Livny, director of core computational technology at the Morgridge Institute for Research on the UW-Madison campus, will be joined by Josh Bressers, the founder and head of the Red Hat Product Security team, for a discussion about emerging threats and solutions.
Known for his work on the HTCondor system, Livny is part of a UW-Madison, Indiana University and University of Illinois team that won a $23.6 million cybersecurity grant from the Department of Homeland Security. They are developing a “Software Assurance Marketplace” to work closely with developers of software analysis technologies and “open-source” programmers to advance security of software.
Open-source software is computer software developed by multiple programmers in collaborative environments. It is designed to be widely available, but highly adaptable.
With offices in Wisconsin, Red Hat is responsible for working with product groups to incorporate software assurance practices into their development. Bressers was previously a senior software engineer in the Red Hat Security Response Team and has more than 10 years of experience working on security issues with the open source community.
Other private, non-profit groups such as the Milwaukee Institute and Wisconsin Security Research Consortium are also examining cyber threats and establishing research avenues.
The importance of cybersecurity to businesses of all sizes is hard to overestimate. Whether the hackers are a clever kid around the corner or highly organized efforts such as those based in China, the end result is the same: Hackers act as vampires, sucking away at the life’s blood of American innovation and security.
How the nation comes to grips with cybersecurity is something of a mid-life crisis. The Internet is the defining technology of our era, but it’s nearly 40 years old and getting a bit long of tooth, especially when it comes to protecting digital data.
“The major glaring weakness (of the Internet) is the lack of security, because the protocols and the technology were not designed to support security,” warned Wisconsin computer science pioneer Larry Landweber, a member of the Internet Society’s Hall of Fame.
Wisconsin is a state with large health-care and financial service sectors, both of which come with growing cybersecurity needs. It’s also a state with the kind of academic and private resources that can help build a 21st century line of defense.