Chertoff Warns of Threat from Small Hacker Collectives

Tuesday, June 21, 2011




Security experts have been openly speculating that China may be behind the recent unauthorized network access events at several U.S. defense contractors, and that it may also be responsible for the RSA SecurID breach.

Former Department of Homeland Security chief Michael Chertoff believes that such events do not require the support of nation states, and that these operations may just as well have been conducted by small hacker collectives such as LulzSec and Anonymous.

“We live in a world of globalization and technology, so even small groups now have the ability to project themselves around the world, in terms of presence, communications and travel… and build bigger and more destructive tools and weapons, and unleash them,” Chertoff said.

Chertoff made the remarks during a keynote presentation at the 2011 Gartner Security & Risk Management Summit in Washington, DC.

RSA, the security division of EMC, announced in mid-March they had suffered a breach stemming from an attack on their network systems that targeted proprietary information about the company's SecurID product.

SecurID is a product designed to prevent unauthorized access to enterprise network systems, and exposure of proprietary information about the product could in turn make RSA's clients more vulnerable to hacks themselves.

“We can have [criminal] networks that can cause serious threats if not existential damage without a nation-state involved. With the confluence of globalization and technology, these groups now have the ability to cause the kind of damage that used to involve national effort. We got a taste of this on 9/11,” Chertoff explained.

LulzSec is reported to have conducted successful attacks against the Central Intelligence Agency, the U.S. Senate website, PBS, as well as networks belonging to the Atlanta chapter of FBI affiliate InfraGard. LulzSec also claims to have hacked Sony Pictures, Sony Entertainment and Sony BMG, among others.

Previously, Anonymous gained attention for DDoS attacks against PayPal, Visa, MasterCard, PostFinance Bank, Amazon, Bank of America, the U.S. Chamber of Commerce website, and for having breached the systems of security consultants HBGary Federal.

One of the biggest obstacles to standardizing the military response to cyber-based attacks is reliably determining attribution. In many cases, it is nearly impossible to clearly determine the origin of an attack, and even more difficult to ascertain whether the event was state-sponsored or instigated by individual actors.

Chertoff went on to discuss logistical problems related to how best to “convey to the public what they need to know in a way that’s accurate, understandable, succinct and credible.”

“You’ll never get perfect information, there’s always something more you could learn, always uncertainty about what you could do, and time is not your friend. You need to be able to act decisively, as inaction is also a decision, but a decision by default,” Chertoff explained.

Salvatore D'Agostino: Isn't this the equivalent of telling people what's on the front page of the newspaper and assuming they are too lazy to read? Chertoff has simply stated the obvious.

This continues to focus on the "bad guys", such as the Sony CEO did, without admitting that the IT information assurance and network security were inadequate. If all people do is react, is it any wonder they are always one step behind? No reason to condone Lulz and Anonymous, but at the same time no reason to focus the conversation only on the attackers either.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.
