Following the most recent cyberattacks, against Sony, Lockheed Martin, various retailers and even the Pentagon, it seems safe to say that both the private and the public sectors all over the world are struggling with cybersecurity.
In Mexico, banks, retailers and government agencies, among others, are constantly under attack, but you seldom hear about it because the strategy seems to be not to make too much noise as a means of avoiding panic. Have you heard about cyberattacks against the Mexico City subway system? There have been quite a few, but theyre always kept under wraps.
The Mexican government entity that comes under attack more often is the Tax Administration Service (SAT), which is thus forced to devote a considerable portion of its annual budget to constantly update its security systems. Like other agencies, the SAT does not like to discuss details.
Last weekend, a major effort against Lockheed Martin, the largest U.S. defense contractor, worried authorities to such an extend that a few days later, on Tuesday, the Pentagon concluded that computer sabotage coming from another country can constitute an act of war, a finding that for the first time opens the door for the U.S. to respond using traditional military force.
Computer experts agree that no matter how safe you may think your systems are, they can always be subject to attack. Its like speed radars. No matter how advanced the highway patrols speed radars may be, speed radar detectors are always one step ahead.
Both Lockheed Martin and the Department of Defense confirmed the attack after media reports linked it to a breach in March at RSA, the company that provides tokens authorizing computer access by remote users at Lockheed and many other companies and agencies.
Lockheed declined to confirm that the raid on its data built on the attack on RSA, but many analysts said that it was likely, because one of Lockheeds first acts was to disable the remote logins for authorized staff.
What was really worrying was the fact that, like others in the defense industry, Lockheed had previously acted to make itself less dependent on the rapidly-changing numeric passwords the RSA tokens produced.
In Washington, the National Security Agency declared not long after the RSA attack that the tokens should no longer be deemed sufficient to grant access to critical infrastructure . Defense contractors began requiring employees to put in extra personal passwords.
While Lockheed said its programs and customer data had not been compromised in the attack, the breach suggests that the extra passwords were not sufficient to repel hackers, an ominous sign for remote-access systems in defense and other industries.
If there is a direct connection between the RSA breach and the subsequent attacks on Lockheed Martin and other defense contractors, this will be one of the most sophisticated sequences of attack events ever , according to Richard Stiennon, a former Gartner security analyst and author of a recent book on cyberwar.
Just as the United States and Israel are suspected of launching a virus attack against Irans nuclear facilities, China and Russia are the main suspects in some of the recent attacks. Senior U.S. intelligence officials have repeatedly accused Beijing of orchestrating a campaign of cyber espionage aimed at stealing secrets in defense and other areas.
This week, the Pentagons first formal cyber strategy, unclassified portions of which are expected to become public in June, represents an early attempt to grapple with a changing world in which a hacker could pose as significant a threat to nuclear reactors, subways or pipelines, not to mention the financial system, industry and trade.
The Pentagon is very clear about its intent. If you shut down our power grid, maybe we will put a missile down one of your smokestacks, said a military official.
It seems clear that the most recent attacks on the Pentagon's own systems along with the sabotaging of Irans nuclear program via the Stuxnet computer worm have given new urgency to U.S. efforts to develop a more formalized approach to cyber attacks.
The strategy must also highlight the importance of synchronizing U.S. cyber-war doctrine with that of its allies, and will set out principles for new security policies.