12 February 2015

US To Open New Center to Fight Cyber Attacks

David E. Sanger
February 11, 2015

February 11, 2015President Obama’s homeland security adviser said Tuesday that the administration was planning to open a new center that would quickly assess and deter cyberattacks on the United States.

The adviser, Lisa Monaco, who provides threat assessments to Mr. Obama every morning, said the world was at a “transformational moment” regarding cyberthreats.

“Annual reports of data breaches have increased roughly fivefold since 2009,” Ms. Monaco said. That was the year that Mr. Obama first began to publicly press for greater cybersecurity initiatives — while secretly authorizing the largest state-sponsored use of a cyberweapon against Iran’s nuclear enrichment facilities.

A cyberthreat office has long been discussed, but planning became more urgent after the attack on Sony Pictures Entertainment in November, which Mr. Obama and the F.B.I. later said was the work of North Korea. The attack exposed weaknesses in the government’s ability to come up with a consensus on an attack’s origin and how to respond to it.

Presidential aides had expressed similar frustrations during the lengthy investigations into attacks on JPMorgan Chase — no single culprit has been reliably identified — and in a number of other hacking cases, including some on the unclassified White House and State Department email systems.

The new center would essentially put greater control of assessments into the hands of the director of national intelligence, James R. Clapper Jr. While there are a number of federal cybercenters in operation, the Department of Homeland Security, which has primary responsibility for the defense of American domestic networks, has often been at odds with the National Security Agency, the military’s United States Cyber Command and other branches of the government responsible for assessing or reacting to cyberattacks.

Mr. Obama is also attempting to press companies and the government to cooperate more fully in sharing information on cyberattacks. He is scheduled to travel to Stanford University on Friday to sign an executive order easing the way for American companies to share data with the government.

His executive powers, however, do not allow him to address the liability issues that companies face if they turn over information on customers or other private data. That can o be done only by legislation, and Mr. Obama will urge the new Congress to pass a comprehensive cybersecurity bill, which has failed in Congress for three years.

Ms. Monaco, in a speech at the Woodrow Wilson Center in Washington, painted a picture of an administration struggling to keep up with the increasing number of cyberattacks, which are growing more destructive.


She named four adversaries who regularly attack networks in the United States: China, Russia, Iran and North Korea.

While espionage and the theft of intellectual property motivate many of the attacks, she said, “politically motivated attacks are a growing reality, as we saw with North Korea’s attacks on South Korean banks and media outlets last year.”

Those breaches were followed by the Sony attack, which began in September but which American intelligence agencies — and Sony itself — did not understand until half to two-thirds of the company’s computers and servers had been damaged or destroyed.

“It was a game changer because it wasn’t about profit,” she said. “It was about a dictator trying to impose censorship and prevent the exercise of free expression.” At the time of the attack, Sony was preparing to release “The Interview,” a comedy about a C.I.A. effort to kill Kim Jong-un, the leader of North Korea.

“I worry that malicious attacks like the one on Sony Pictures will increasingly become the norm unless we adapt quickly,” she said.

No comments: