Government planning scenarios to prevent cyber-terrorist attacks, legal elements of cyber warfare and future cyber challenges will be among the key topics of discussion at a training conference titled the Cyber Warfare & Security Summit on June 25-27 in Arlington, Virginia.
The speakers' panel at the summit, presented by The Institute for Defense and Government Advancement (IDGA), will include:
- Brigadier Gen. Michael Stone of the Michigan National Guard
- Mark J. Morrison, defense intelligence officer at the Cyber Directorate for Analysis, DIA
- Kevin Highfield, U.S. Army electronic warfare analyst
- Scott Borg, CEO of the Cyber Consequences Unit
- Randy Bachman, cyber security technical lead at the Federal Communications Commission
- Curtis Levinson, cyber defense subject matter expert and U.S. liaison to NATO, and
- Roger W. Kuhn, science adviser, Fleet Cyber Command/Commander, 10th Fleet.
Day One of the summit will focus on what IDGA calls "The Human Capital Crisis in Cyber Security" -- the competition among militaries around the globe to "recruit the best computer specialists."
"If the U.S. gets the best people for its Cyber and Strategic Commands and all other institutions currently working within the field, then the cyber threat can only be transformed to an economic advantage and to a cyber opportunity," IDGA says.
In addition to 20 keynote and training sessions, there are a number of topics related to the transformation of warfare from physical to cyber space. A presentation by Scott Borg is titled, "Replacing industrial defense thinking with cyber defense thinking."
In an interview with IDGA's Chris Archer, Borg says the prospect of cyberwar means the U.S. needs to "rethink every aspect of defense." Our current weapons and defense systems will still be needed, but the way we use them will become very different.
As other cybersecurity experts have noted, Borg says, "A major cyber assault could completely bypass our military forces. It would not require incoming airplanes, missiles, ships, or troops. The attack could suddenly appear inside the computerized equipment of our major industries."
"The identity of the country or organization that was responsible could be impossible to determine quickly or with complete confidence. ]It] could cause almost any kind of damage that could be produced by the human operators of computerized equipment," Borg says.
The targets of such attacks have also been under discussion in the cybersecurity community and are the focus of about a half-dozen bills pending in Congress. Borg notes that a cyberattack "could physically destroy or sabotage electrical generation stations, refineries, pipelines, banking systems, railroad switches, flight control centers, chemical plants, hospital equipment, and water and sanitation facilities."
And the economic and physical damage, he says, "could surpass any other kind of assault, except for a nuclear one."
"Thousands of people could be killed immediately by explosions, leaks of toxic chemicals, airplane crashes, train crashes, and wrong medical treatments," Borg says. "Hundreds of thousands could be caused to die over the months to come as a result of famine, disease, loss of heating or cooling, and the general deprivations and social breakdowns resulting from people no longer being supplied with the necessities of life."
The biggest challenge, Borg says, is keeping up with the rapidly evolving threats. "Extrapolating a past cyberattack trend into the future is of little use," he says, adding that this makes government-mandated security standards of little use. "By the time cybersecurity standards have been defined and are being imposed, they will not only be obsolete; they will often be an impediment to implementing the security measures that are most necessary," he says.
Among other sessions: A data-driven approach to detecting advanced persistent threats; Enhancing the security of the network infrastructure; Convergence of cyber warfare and electronic warfare; The attribution problem with cyber attacks and; The challenge of international law frameworks in response to the threat of cyber warfare.
To register, go to http://bit.ly/KIFNce.
Read more about malware/cybercrime in CSOonline's Malware/Cybercrime section.