24 October 2016

DNI Clapper discusses difficulty of monitoring online threats, hackers

http://www.c4isrnet.com/articles/clapper-discusses-difficulty-of-monitoring-online-threats-hackers?utm_source=Sailthru&utm_medium=email&utm_campaign=Cyber%2010.20.16&utm_term=Editorial%20-%20Cyber%20Report

By: Mark Pomerleau, October 20, 2016 (Photo Credit: USGIF)

The internet has Director of National Intelligence James Clapper longing for the days of the Cold War. 
Clapper noted the threats and actors in cyberspace such as hacktivist collectives, terrorists and nation-states — all with different objectives, “all of them operate on the very same internet,” he said during a keynote presentation Oct. 20 during an event hosted by the Intelligence and National Security Alliance in Washington. 
“Sometimes all this makes me long for the … Cold War when the world essentially had two large, mutually exclusive telecommunications networks; one essentially dominated by the United States, and the other … dominated by the Soviet Union and Europe allies.” 
Clapper noted that these distinct networks made it so intelligence officials could be “reasonably sure that if we were listening to someone on a Soviet-dominated network, that person was probably not going to be a U.S. citizen. Today, of course, that’s not the case, and it makes our work exponentially harder.” 

Threat actors today use the internet for various purposes and take advantage of the anonymity it provides, even sometimes obfuscating identity further by routing their connection through servers across the globe. 
One of the organizations using the internet for ill that Clapper mentioned is the Islamic State group. While their hacking collective — thought to be a disparate network of sympathizers not necessarily affiliated in any official capacity with the group — has to date attempted to demonstrate hacking ability through a series of low-level internet page defacements, among other methods, Clapper noted that their hacking is not the real problem. 

ISIS goes on the defensive in cyber

The real problem, he said, “is how the internet enables them to recruit and inspire people all over the world. We can monitor and maybe even infiltrate terrorist groups, but it’s very difficult to expunge the ideology and their toxic ideas.” 
Stopping the spread of dangerous ideas was not an issue when the internet came about, Clapper said, noting the civil liberties and privacy concerns for American citizens. He acknowledged the difficulties in tracking online radicalization, describing his observation of teeth gnashing when acts of terror are committed following FBI investigations that cleared certain individuals who went on to commit heinous acts. 

Clapper noted that FBI director Jim Comey has used the analogy that “we aren’t expected to just find a needle in a haystack, but are also [responsible] for guessing which pieces of hay may later become needles. We cannot continuously monitor Americans who have done no wrong — that’s not who we are.” 

Clapper also discussed the recent attribution by the U.S. government that blamed Russia for hacking U.S. political entities. 

“Going after U.S. political organizations is a new and aggressive spin on the political cycle. Regardless, this election will happen on Nov. 8,” he said calling the statement “pretty unusual.” 

After U.S. blames Russia for hacking, what comes next?

The joint statement, issued by Clapper and Homeland Security Secretary Jeh Johnson, was unusual, in part due to the language it used, noting that the activity was “consistent with the methods and motivations of Russian-directed efforts;" the intelligence community generally does not provide this detail of specificity or reasoning. Clapper said the statement was “mainly addressed to the American electorate and not to any foreign nation-state.” 

He also noted that the IC was confident in its attribution, or it would not have issued such a proclamation. “But when we say we’re confident I think it speaks for itself. That’s one of the reasons why we waited as long as we did to make the statement was to ensure that we had sufficient evidence, both forensic and otherwise, to lead us to the conclusions we reached and as articulated in the statement,” he said. 


No comments: