Cyber attacks grow increasingly “reckless”: US official says

Reuters: Other nations are increasingly employing cyber attacks without “any sense of restraint,” a top US cyber security official said on Friday, citing “reckless” behaviors that neither the United States nor the Soviet Union would have dared at the height of Cold War tensions.

Debora Plunkett, of the secretive National Security Agency, whose responsibilities include protecting US government computer networks, predicted that Congress would pass long-stalled cyber security legislation within the next year.

Lawmakers failed this summer to overcome disputes over cyber security regulations for private firms such as utilities.

Plunkett, head of the NSA’s Information Assurance Directorate, the agency’s cyber-defense arm, told a university audience that “we’re starting to see nation-state resources and expertise employed in what we would characterise as reckless and disruptive, destructive behaviors.”

Even during the Cold War, blocs of nations allied with the United States or with the Soviet Union worked to undermine each other, but still operated with a sense of restraint, she said.

“Some of today’s national cyber actors don’t seem to be bound by any sense of restraint,” she told a forum at the Polytechnic Institute of New York University.

Officials from the Obama administration and Congress have called for stronger cyber security, accusing China and Russia o f hacking US computer networks for economic gain, espionage and other motives.

US standing to complain about other nations’ cyber attacks has been undermined, however, by disclosures t hat Washington, along with Israel, launched sophisticated offensive cyber operations of its own against Iran to try to slow that nation’s suspected quest for a nuclear weapon.

US officials have not publicly acknowledged that effort and almost never speak of US offensive capabilities in public.

When asked how large a threat hacking from China, Russia and other countries posed to the United States, Plunkett said: “Significant. I don’t know how else to describe it.”

Plunkett’s comments from the normally tight-lipped NSA reflect a growing concern among US officials, lawmakers and agency heads about the country’s cyber security.

Security software maker Symantec Corp said on Friday that a hacker group that attacked Google Inc in 2009 – an operation later dubbed Operation Aurora – had since launched hundreds of other cyber assaults, focusing on defense companies and human rights groups.

Cyber security experts widely believe the Google attacks originated from China. Chinese officials have denied their country is a source of cyber attacks against the United States

Symantec said the group had used a technique that enabled attackers to hack into highly secured systems. That suggested the hackers were either a large criminal group, backed by a nation-state, or a nation-state itself, Symantec said.