The White House Cybersecurity Coordinator Howard Schmidt wants us to believe that breaches into national infrastructure are simple acts of hactivism. The following is based on a recent CSO interview with Schmidt:As far as he’s concerned, this isn’t an online version of East against West or Allies against Axis. What we’re seeing, he believes, is more about online riots and hacktivism, where a ragtag band of malcontents express their displeasure over government policy by launching distributed denial-of-service attacks like of the sort that pounded the networks of Estonia in 2007 (CSOOnline).While I don’t buy into the idea that we are on the verge of cybergeddon, I do believe governments around the world are integrating Internet espionage with their traditional intelligence gathering activities. In addition, there is evidence that countries like China are adding defensive and offensive Internet attack training and testing to strategic military planning. For example, according to a U.S. D.O.D. 2009 report on China military power:In 2008, numerous computer systems around the world, including those owned by the U.S. Government, continued to be the target of intrusions that appear to have originated within the PRC. Although these intrusions focused on exfiltrating information, the accesses and skills required for these intrusions are similar to those necessary to conduct computer network attacks. It remains unclear if these intrusions were conducted by, or with the endorsement of, the PLA or other elements of the PRC Government. However, developing capabilities for cyberwarfare is consistent with authoritative PLA military writings on the subject. Examples of attacks against U.S. strategic infrastructure include: Hacking the D.O.D Computer Spies Breach Fighter-Jet Project Fighter Jet Hack Far from First Government Breach Even small events may be significant. Many quick in-and-out events may be cyber versions of military perimeter probes, which look for information about defenses. While I agree that security efforts by private organizations are crucial to strengthening national infrastructures, I disagree that DoS attacks against major Internet providers should be dismissed as cyber-vandalism. It may be that most of these attacks are just that. However, it is naive to accept all major events are just hacktivism.I have a hard time believing Schmidt believes what he is saying about these attacks. If his comments were not simply political rhetoric designed to avoid “insulting” other governments, we have a problem. Related content opinion MQTT is not evil, just not always secure The MQTT messaging protocol standard used by IoT vendors is not inherenly secure enough. Solutions exist to secure it, but organizations and vendors must assess risk and properly configure IoT and network security. By Tom Olzak Jul 17, 2017 3 mins Internet of Things opinion IoT messaging protocol is big security risk Popular IoT messaging protocol lacks encryption and sufficient device authentication security. By Tom Olzak Jul 14, 2017 3 mins Cloud Security Data and Information Security Internet of Things opinion Anatomy of an insider attack Manage insider attack risks with scenarios and application of common sense. By Tom Olzak Sep 30, 2016 4 mins Business Continuity Security opinion Identity governance and admin: beyond basic access management User behavior analytics give additional power to identity management and compliance. By Tom Olzak Aug 30, 2016 5 mins Investigation and Forensics Compliance Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe