Cyberwar | Amy Zegart | TEDxStanford

Captions
On November 24th, 2014, it was the Monday before Thanksgiving. Amy Pascal is driving to her Sony Pictures studio office in Culver City, California. It's a day just like any other day for the Sony studio chief, until she turns on her computer, and there on the screen is an image of a creepy red skeleton with a message: "Hacked by #GOP." Now, at first Amy Pascal thinks this has got to be some kind of joke. But it wasn't a joke. It was the beginning of a cyber nightmare so bizarre that not even Hollywood screenwriters could have imagined it.

Now we know that the cyberattack was eventually attributed to the government of North Korea. It was one of the most damaging cyber attacks in American history, and it was perpetrated by one of the most isolated and poorest countries on earth. The attackers stole and then publicly released terabytes of data from Sony, including vital trade secrets, yet-to-be-released movie scripts, salary and contract information, and personal information from thousands of Sony employees. But the attackers didn't just steal, they destroyed. They wiped data from hard drives of thousands of Sony computers and servers. The attack forced Sony off the grid entirely, and the attack revealed private emails so embarrassing that Amy Pascal, one of Hollywood's most powerful executives, eventually had to resign.

And then it got worse. The attackers darkly warned of 9/11, and they vaguely threatened violence in movie theaters if Sony went ahead with its planned release of the movie The Interview, the comedy depicting the assassination of North Korea's leader Kim Jong-un. President Obama got involved. The FBI began to investigate. And in the end the Sony hack wasn't just about Sony anymore. It was a national security incident, an international crisis, and a sneak preview of the future of cyber warfare.

Now, just how serious are cyber threats to our nation as a whole, to our nation's economic vitality, to our national security? And how do leaders think about cyber threats in the context of other national security dangers that we confront in the United States? That's the story that I want to tell today, and the story starts by taking a look at the broader threat landscape that U.S. foreign policy leaders have been confronting for the past several decades.

This is a picture of the threat environment during the Cold War. It's a picture of a medium-range Soviet ballistic missile, an SS-4, as it's being paraded through Red Square in Moscow. This particular photograph is a Central Intelligence Agency reference photograph that was used during the Cold War. During the Cold War, foreign policy leaders knew that they faced the grave prospect of nuclear Armageddon, but they also knew that they faced a single principal adversary. They knew who that adversary was, they knew where that adversary was, and they had a pretty good idea of the Soviet Union's intentions and its capabilities. After all, the Soviets are parading their nuclear weapons through Red Square, and they're operating at the bureaucratic speed of five-year plans.

This is a picture of the threat environment today. It's more crowded and more uncertain and more complicated than any time in modern American history. It's filled with rising states, declining states, weak states, failed states, rogue states, non-state actors ranging from ISIS to Anonymous, and transnational threats like global climate change. And the threat environment isn't just more crowded or complicated today, it's changing faster than ever before, too.

Every year the Director of National Intelligence issues a public threat assessment where he runs down the list of dangers confronting the country. In 2007, not that long ago, that threat assessment did not put one word in it about cyber. Not one. As late as 2009, cyber threats were so far down the list they were right near the bottom, just after drug trafficking in West Africa. Not anymore. Cyber threats in the past few years have vaulted to the top of the threat list, and today many experts and government officials are worried about three classes of cyber attacks or threats to our country. The first is the massive theft of intellectual property from American corporations that could degrade our economic competitiveness for generations. The second is attacks that could inflict massive disruption on our way of life in ways that we have never imagined before. And the third is cyber attacks that could degrade, disable or destroy our nation's military ability to defend itself, or to attack if our vital interests are threatened.

The threat environment today is crowded, it's complicated, and it's uncertain, and it's changing at the speed of cyber. Cyber threats are a part of this threat environment, and they're new, but they're also very different from other traditional national security threats. And they're different in five key ways that I want to talk about with all of you.

The first key difference between traditional national security threats and cyber threats is that the United States is simultaneously the most powerful country in cyberspace and the most vulnerable country in cyberspace. And that's different. In the military we often talk about domains. The military talks about the air domain, the land domain, the sea domain, and in those physical domains the countries that have the most weapons and the most sophisticated weapons are the most powerful. But that's not true in cyber. The United States has the most sophisticated offensive cyber capabilities of any nation in the world, and yet we in the United States are the most vulnerable. Why? Because we're the most connected. We rely on networks and connectivity for our economy, for our civil society, for our government, for our military, in tremendous and wide-ranging ways. Our connectivity is the source of our strength and the source of our weakness.

The second major difference between traditional national security threats and cyber threats is that in cyberspace the U.S. government cannot go it alone. And this too is new. In every other security realm, the government is considered the legitimate monopoly provider of security. Now what do I mean by that? If you think about how you want safe streets in your neighborhood, you pick up the phone, you call the police. The police, the government: legitimate monopoly provider of security for safe streets in your neighborhood. Well, the same thing is true if you want a safer country. If you want to secure your country from foreign attack, you strengthen your military: legitimate monopoly provider of security. But in cyberspace it doesn't work that way, because 85% of our nation's critical infrastructure is not owned by the U.S. government. It's owned and operated by the private sector. Our power system, our telecommunications networks, our financial system: owned and operated by private actors. The government can't defend those sectors from attack by itself. The government can't go it alone.

Now the third key difference between traditional national security threats and cyber threats is that in cyberspace the attack surface is huge. There are no safe neighborhoods in cyberspace. One senior military official described cyberspace to me this way. He said, imagine that there is a street in cyberspace that runs through the best parts of town and the worst parts of town all at the same time. And on this street in cyberspace, people are doing the exact same things they're doing in the physical world. They're going shopping, they're going to their bank, they're watching movies or visiting friends. But there are also people on this street that are robbing banks, selling drugs, mugging people, committing all sorts of other crimes. Good guys, bad guys, they're all there together. They're all connected. There are no safe neighborhoods in cyberspace.

Now in part this is because the internet was never designed to create safe neighborhoods in cyberspace. It was designed by a handful of researchers, including some right here at Stanford, to connect each other, a handful of people who knew each other, trusted each other, and wanted to share their work with each other. Only now there aren't a handful of researchers on the internet. More than 40% of the world is on the internet, and internet traffic is expected to triple in the next three years alone.

And then there's the growing Internet of Things. We are moving to a world where we are going to have appliances that are so smart they turn themselves on when power rates are low and they remind us to buy milk before we run out. We're moving to a world of driverless cars and implantable medical devices that can transmit vital data about our bodies directly to our doctors. The growing Internet of Things is incredible, but it comes with a dark side, and that dark side is called vulnerability, because anything that is smart is vulnerable.

Now technologists and computer scientists have a rule of thumb, and that rule of thumb is that when it comes to code, there is one defect for roughly every 2,500 lines of code. Okay, one defect roughly every 2,500 lines of code. Think of it as a chain-link fence, where every 2,500 links in that fence there's a weak link or a missing link. Right, one defect for every twenty-five hundred lines of code. And think about the cyber bad guys that are out there. They're like the velociraptors in the movie Jurassic Park. Anyone remember them? Always trying to get out, out of the fence. So the cyber bad guys are out there, and they're spending every minute of every day testing the fence, penetrating the fence, looking for that one in every 2,500 links that might be weak or missing so they can get through.

Okay, now consider this. If you have an Android phone, that phone has 12 million lines of code making it do all those great things. That's nearly 5,000 inherent vulnerabilities in the code. Not malicious vulnerabilities, just mistakes or oversights or weaknesses that are inherent in the code that the coder never thought about. If you have a Windows operating system on your computer, that's 40 million lines of code. The attack surface in cyberspace is huge.

That leads to the fourth difference, which is that in cyberspace victims often don't even know that they're victims until sometimes long after the fact. The Home Depot breach that made headlines in 2014 wasn't discovered until five months after it began. One study found that 85% of cyber breaches were discovered weeks after they occurred, and more than 90% of them were discovered by third parties, not the victims themselves.

The military is not immune from this challenge either. The worst publicly revealed breach in U.S. military history occurred in 2008, when an infected thumb drive was placed inside a U.S. device inside a U.S. military installation in the Middle East. A foreign intelligence service had put on that infected thumb drive something called a worm, and that worm spread malicious code from computer to computer and eventually accessed classified and unclassified networks. And that malicious code also directly sent that information directly to a server under foreign government control. And all of this was going on for 14 months before it was detected by the Pentagon. 14 months. This was a wake-up call for the Department of Defense. Victims often don't know they're victims until long after the fact.

That leads to the fifth and final difference between traditional national security threats and cyber threats, and that difference has to do with warning time before an attack and response time after an attack. Now throughout history and warfare there's usually been a long lead time for potential warning before an attack occurs, and this is because moving people and equipment across territory takes time. It takes effort. And that means there are often telltale signs that an adversary might be up to no good, like massing troops along the border. Once an attack occurs, however, response can be swift, because in the physical world, of course, we usually know who attacked us and we know where they are. So: long warning time before an attack, short response time after an attack.

In cyber it's flipped. No warning time before an attack, but response is hard, and sometimes it takes a long time. Why? Because of attribution. Attribution, or figuring out who's actually responsible for a cyber attack, is sometimes fast, but usually it's not, because even if you know the computer or the server where the attack originated, figuring out who's typing behind that keyboard, what's the relationship to a company or an organization or foreign government, is much, much harder. So these timing differences have pretty significant implications for how we think about defense and deterrence in a cyber age, and we're just beginning to figure that out.

Now how does the real cyber movie end? I don't know. But the Nobel laureate Tom Schelling once warned we should be very careful about confusing the unfamiliar with the improbable. The Sony attack was bizarre, but for most of us it wasn't particularly scary. For most of us, we think about cyber threats of today like this. The cyber threats of today are about our information. It's about people who steal our credit cards. It's about making access to our computers and our smartphones harder. It's about remembering how to remember those passwords. Now the cyber threats of today are annoying. They're not alarming. But the cyber threats of tomorrow won't just make our information unsafe, they could make our physical world unsafe too. The cyber threats of tomorrow could disable the cars that we drive, the airplanes that we fly. They could turn off power or water to cities across the country for days or weeks or longer. They could incapacitate our military or even turn our own weapons against us. The cyber threats of tomorrow could affect anything that requires a networked computer to operate, and increasingly that means everything.

Thank you very much.
Info
Channel: TEDx Talks
Views: 121,570
Rating: 4.6439066 out of 5
Keywords: TEDxTalks, English, United States, Technology, Cyber, International Affairs, Security
Id: JSWPoeBLFyQ
Length: 16min 54sec (1014 seconds)
Published: Mon Jun 29 2015