Has the ‘Cyber Pearl Harbor’ already happened?

The Russians are picking our pockets, the Chinese are stealing our most vital secrets, and there’s nothing we can do about it – and it’s all going to get worse.

That was the basic conclusion after Friday’s Air Force Association cyber-conference, where speaker after speaker drove home the utter futility and helplessness of today’s cyber climate, all the while warning that the problem will only grow.

Richard Bejtlich, chief security officer for the info-security firm Mandiant, said 100 percent of the high-profile intrusions his company tracks were done with “valid credentials” – meaning the cyber bad-guys had been able to steal a real user’s login and password, obviating the need for more complex attacks.


The typical time between an intrusion and its discovery is 416 days, he said – down from two or three years – and the way most companies find out about them is when they get a visit from the FBI.



Read more: http://www.dodbuzz.com/2012/03/26/has-the-cyber-pearl-harbor-already-happened/