(page 3 of 3)
Dark Reading: Are there specific threat actors or specific types of threats outside the election that you think are most critical right now?
Stavridis: There are both, and this is probably a good one to close on. Russia is highly capable of two other things that ought to concern us. One is very specialized offensive tools that can be used against our electric grid. And they have demonstrated the efficacy of those tools against Ukraine, dropping about half of the Ukrainian electric grids.
Second, Russia has a very active, I would say, innovative system of cybercriminal activity wherein they effectively license cybercriminals, give them what Queen Elizabeth would have recognized as a letter of marque, which she would give to, for example, Sir Francis Drake, saying, "Go forth and pirate in the name of your nation."
This is happening in the Russian government, which taxes those actors and also uses them as a secondary deep bench to implement offensive cyber operations. So Russia, I think by far, is the top of my worry list.
China's very different. They certainly have capable offensive cybertools, but here I'm more concerned about espionage, notably commercial intelligence theft. I'm sure you're very aware of the recent acts of Chinese industrial espionage or intellectual property theft directed against both defense, US military kinds of systems, and against commercial actors like Airbus.
On the next tier down. North Korea is all about the money and the ego of Kim Jong Un. The good example is when a rather stupid movie comes out, The Interview, he's offended by how he's portrayed in the movie and he attacked Sony Pictures. He does hundreds of millions of dollars of commercial and business damage to that entity because he's offended by portrayal.
More seriously, he goes after cybercriminal activity that puts hard cash back into the North Korean economy. North Korea is more a commercial entity — think of it like a mafia gang. It's all about the money and the ego of the boss.
And then you've got to throw in Iran, which is not certainly at the level of any of the first three I mentioned, but getting better, deploying cybertools against our allies in the region, against Saudi Arabia, the Gulf states, and against Israel. Israel can certainly take care of itself there, at least as good as Iran and North Korea probably combined.
But you will see Iran also looked to see how they can hurt the United States: We've seen probing attacks. They would like to have the ability to at least damage our critical infrastructure. And they certainly have made some forays against our financial sector from time to time.
By the way, cyber is the ultimate equalizer. It is the ultimate asymmetric weapon. You don't have to build a B-1 bomber to attack the United States. If you can attack us through the cyberworld, even smaller nations than those I've mentioned will gradually find these tools.
So first we've got to be sharp on our defenses. We have to establish a regime of deterrence. We have to show other nations we're willing to counterattack if they come after us in this space.
Next, we need to work with our allies, partners, and friends because, just like I said earlier, companies are stronger together, and nations are stronger together in this regard as well. And I'll close, by the way, saying our partnership with Israel in this regard is peerless. We work together very closely with the Israelis. It's no coincidence that many of the top cybersecurity companies in the world come out of Israel. There's a very porous membrane between the United States and Israel in this regard. That's a good thing.
- How Enterprises Are Attacking the Cybersecurity Problem - 201
- Martin Hellmann & Dorothie Hellmann on Love, Crypto & Saving the World
- With International Tensions Flaring, Cyber Risk Heats Up for All Businesses
- 6 Unique Metrics CISOs Should Track in 2020