James Delahunty
3 Aug 2011 23:25
Former counter-terrorism official warns that same sceptical mindset is being applied to cyber-attacks.
Speaking at the Black Hat conference, former CIA counter-terrorism official Cofer Black recalled the attitude toward al Queda by the United States in the 1990s. He described it as a biased view that while Osama bin Laden was known to fund terrorism, his network did not initiate attacks itself.
He said a problem back then with "validation" applies now to the cyber-threat. Judging the severity of the threat and who is behind it can be tricky at least. In October 2000, the USS Cole was bombed in a Yemeni port, and the demand for validation that it was done on the orders of bin Laden took up to five months, far too long, according to Black.
"Validation of threat and attack will come to your world," he told the audience at the Black Hat conference. He said there was a lack of appreciation for how much of a thread al Queda states before September 11, 2001, and said decision makers now are in the same boat. "They hear it but they don't believe it."
Black said that Stuxnet was an example of cyber-warfare carried out by a nation (suggesting the obvious effort and cost of developing and deploying Stuxnet points at a state operation). "The Stuxnet attack is the Rubicon of our future," he said.
Black's comments come after McAfee revealed a list of uncovered cyber-attacks against political establishments and international organizations stemming back five years, all from a single "state actor." While McAfee opted not to mention the state, other experts who have examined McAfee's research point the finger or blame at Beijing.