Cyberespionage, Not Cyber Terror, is the Major Threat, Former NSA Director Says


The list of threats on the Internet is long and getting longer each day. Cybercrime, nation-state attackers, cyber espionage and hacktivists all threaten the security and stability of the network and its users in one way or another. But the one threat that some experts have warned about for years and has never emerged is cyber terrorism, a former top U.S. intelligence official said.
In the years after 9/11, as the Internet became an integral part of daily life in much of the world, some in the national security community warned that the network also would become a key conduit for terrorist attacks against a variety of targets. Utilities, critical infrastructure, banks and other vital pieces of the global economy would be choice targets for groups seeking to wreak havoc via electronic attacks. However, those attacks have not materialized.
“I don’t have a single example of cyber terrorism. Not one incident,” Michael Hayden, the former director of the CIA and NSA, said during a keynote speech at the Systems Engineering DC conference here Thursday.
“They use the Web to recruit and to proselytize, but they don’t use the Web to attack.”
Cyber terrorism, much like its close relation cyberwar, have become loaded terms in the security and intelligence communities. There are any number of definitions floating around for each of them, and none seems to have become authoritative. But attacks such as Stuxnet and Flame have been touted in some circles as examples of cyberwar, while others dispute this notion. And there’s often quite a bit of overlap between cyber terrorism, typical cybercrime and other attacks in discussions about the topic.
But the use of the Internet by traditional terrorist groups for attacks against physical assets–or to disrupt the Internet itself–is not something that’s going on right now, Hayden said.
“They’re into mass destruction and not mass disruption. Maybe they don’t want to disrupt the platform they’re using,” he said. “If they ever downshift to mass disruption, it could be very troubling.”
Hayden, who now works for the Chertoff Group, said that the threat landscape today is growing more complex every day, and that cybercrime, hacktivism, nation-state attackers and other elements all play a part in this. Of the malicious activities that pervade the Internet today, Hayden said that perhaps the largest threat is cyber espionage. Governments using electronic means to conduct corporate espionage or even traditional espionage remotely has become a sensitive topic in diplomatic circles, especially in light of the Snowden revelations about the NSA’s activities.
“The overwhelming majority is people going where they’re not invited and taking stuff they’re not entitled to,” Hayden said.
He emphasized that the U.S. intelligence community is very good at its job, which to a large degree involves taking other people’s stuff, but said the CIA and NSA don’t do so on behalf of American corporate interests. That, he said, is an important distinction.
“I know a fair bit about stealing stuff in the cyber domain. We’re really good at it, and we do it to keep you safe,” he said.