July 20, 2015

Cyber Threats Series Explores Dark Side of the Web

By Iain Whitaker, Assistant Director, Leadership Programs


Former US Defense Secretary and CIA Director Leon Panetta in conversation with Council President Ivo Daalder on March 19, 2015.

Nearly 7 out of 10 Americans think cyber attacks pose a leading threat to US security—matching their concerns regarding terrorism and surpassing their concerns about Iran’s nuclear program—according to 2015 Chicago Council Survey results. To better understand the public’s concerns, the Council hosted a series of programs this past spring that examined how digital infrastructure vulnerabilities are undermining traditional notions of security and privacy.
 
During his March 9 remarks at the Council, Marc Goodman, Future Crimes Institute founder and cyber advisor to the FBI and INTERPOL, shared many startling statistics and predictions; cyber crime costs the global economy $400 billion per year, he stated, and 75 percent of Fortune 500 companies can be hacked in under 15 minutes. Given the exponential growth of computing power, the scope for such criminality is expanding beyond the ability of law enforcement to respond; Moore’s law, Goodman quipped, has given us “Moore’s outlaws.” Worse still, the burgeoning “internet of things” is creating a smorgasbord of opportunities for technological mischief and government snooping in a dystopian world of hackable pacemakers and eavesdropping dishwashers.
 
Governments are as vulnerable as citizens and corporations. Speaking to the Council’s Young Professionals on April 2, WIRED senior staff reporter Kim Zetter gave a gripping account of the development of the world’s first digital weapon: Stuxnet. This sophisticated computer worm wreaked havoc with centrifuges at Iran’s Natanz nuclear plant before its discovery in 2010, and offered a glimpse into a future where malicious code is created, not simply to steal information, but to destroy physical infrastructure.
 
The extent of official concern regarding cyber weapons was evident in the remarks of former US defense secretary and CIA director Leon Panetta, who visited the Council on March 19. Referencing the Shamoon virus, which destroyed 30,000 computers belonging to Saudi oil company ARAMCO, Panetta described such an attack on US infrastructure as his greatest fear. With such technology in the hands of terrorists, he said, they could “cripple our country” without setting foot on US soil.
 
“Privacy is not dead,” claimed Michelle Dennedy during her May 12 program at the Council, “but it does need a reboot.” As chief privacy officer at internet security firm McAfee, Dennedy expressed serious concerns about the ways hacking and the collection and sharing of personal data online have eroded traditional notions of privacy, but she also stressed that citizens can take simple but powerful steps to protect themselves. Using a memorable underwear analogy, Dennedy described how simple online hygiene practices, such as setting “exotic” passwords, keeping them under wraps, and changing them often, will at least mean hackers have to work for their loot, and will probably target someone else.
 
Dennedy also stressed the need to hold to account those who create software and handle data. Ultimately consumers have the power of choice, she reminded the Council’s audience, which they can leverage to demand higher standards of data management from corporations and service providers. Similarly, software developers need to be held liable for the vulnerabilities of their products, Goodman argued.
 
Fear sells, and a silver lining to the crisis of privacy in the digital age is that the market is now responding to public concerns. Silicon Valley’s venture capitalists are rushing into the cyber security space, and insurance company actuaries are scrambling to value this novel form of business risk. Data breaches may not yet have seriously dented corporate share prices, but, Dennedy asserts, executive’s attitudes are slowly changing. Certainly, the fate of Target’s former CEO, who resigned following the retailer’s massive 2013 data breach, has focused boardroom attention on the need to build the financial and reputational costs of data loss into their business plans.
 
Illuminating and unnerving in equal measure, the Council’s cyber threats series generated as many questions as it answered. “We live in exponential times,” Goodman emphasized, and the scope of changes to our political, economic, and social systems resulting from technological advancements are so rapid that, in many areas, our responses have yet to be debated, legislated, or coded. In the realm of cyber warfare the outlook is particularly bleak. A lack of intergovernmental clarity over how international law applies to digital weapons leaves the door open for widespread mischief, and worse, Zetter suggested.
 
But even Goodman, who likened modern society to a “technological house of cards,” is ultimately hopeful. In calling for a Manhattan Project for cyber security to mobilize the public and private sector in a common fight, the former LAPD street cop reminded the audience that defeating the cyber criminals is a good old-fashioned question of garnering the will and the resources.
 
Join the Council this fall as we explore how empowered citizens, chastened corporations, and digitally diligent governments are redefining security in the cyber age.

About the Author

Iain Whitaker joined the Chicago Council on Global Affairs in 2014 and is the assistant director, leadership programs. Prior to joining the Council, Whitaker worked in KPMG's Trade and Customs Services practice. He was also previously the legislative assistant to a UK member of parliament at the House of Commons in London. He received an MA in modern history from the University of St. Andrews (UK), and an MSc in international security from the University of Bristol (UK).

About

The Chicago Council on Global Affairs is an independent, nonpartisan organization that provides insight – and influences the public discourse – on critical global issues. We convene leading global voices and conduct independent research to bring clarity and offer solutions to challenges and opportunities across the globe. The Council is committed to engaging the public and raising global awareness of issues that transcend borders and transform how people, business, and governments engage the world.

The Chicago Council on Global Affairs is an independent, nonpartisan organization. All statements of fact and expressions of opinion in blog posts are the sole responsibility of the individual author(s) and do not necessarily reflect the views of the Council.

Archive

| By Elizabeth Sherwood-Randall, Scott Sagan, Brian Hanson

Deep Dish: Nuclear Threats 75 Years After Hiroshima

Seventy-five years after Hiroshima, former deputy secretary of energy Elizabeth Sherwood-Randall and Stanford University’s Scott Sagan join Deep Dish to examine the threat of nuclear weapons today.


| By Mira Rapp-Hooper, Brian Hanson

Deep Dish: Why Allies are Key for US Security Today

The Council on Foreign Relations’ Mira Rapp-Hooper joins Deep Dish to explain why the alliance system is still essential for America’s global leadership – but must be remade to meet the challenges of the 21st century. 




| By Adam Segal, Brian Hanson

Deep Dish: Who’s Winning the US-China Tech War?

The Council on Foreign Relations’ Adam Segal joins Deep Dish to explain the battles between China and the US over products like Huawei and TikTok, their role in US foreign policy, and why US allies are choosing sides. 


| By Judd Devermont, Neil Munshi, Brian Hanson

Deep Dish: Mali’s Instability Threatens the Sahel

This week on Deep Dish, the Center for Strategic and International Studies’ Judd Devermont and the Financial Times’ Neil Munshi explain why Mali’s instability is a threat to Africa’s Sahel region — soon to be the West’s largest conflict zone.






| By Catherine Belton, Brian Hanson

Deep Dish: How Putin Holds Power Over Russia

Investigative reporter Catherine Belton joins Deep Dish to examine the people that surround Russia’s enigmatic leader – and the financial ties to the West that makes the Kremlin’s dominance possible.