Cybersecurity: Experts warn of growing cyber security risks to U.S., criticize Congress’s inaction

Published 1 October 2012

U.S. and Russian cyber experts are trying to scare officials into improving cybersecurity protection in the United States and around the world; cyber attacks against critical infrastructure escalate in scope and severity; soon, Kaspersky Lab’s Eugene Kaspersky said: “If previous viruses were like bicycles, then the Stuxnet worm that damaged uranium enrichment centrifuges at the Natanz plant in Iran two years ago would be a plane and the latest programs, dubbed Flame and Gauss, would be space shuttles”

U.S. and Russian cyber experts are trying to scare officials into improving cybersecurity protection in the United States and around the world.

During a presentation at a conference held in Washington, D.C., former National Security Agency director Michael Hayden told officials that the United States has to resolve basic issues on how to police the Internet as well as how to defend critical infrastructure.

The Chicago Tribune reports that at a separate presentation, Eugene Kaspersky, chief executive officer of Moscow-based Kaspersky Lab, painted a darker picture, saying if government-sponsored intrusion software proliferates in the same way that viruses have in the past, “somewhere in 2020, maybe 2040, we’ll get back to a romantic time — no power, no cars, no trains.”

The cybersecurity threats have escalated sharply in the past two years, as U.S. officials have dealt with the theft of trade secrets and increasing threats to infrastructure. Congress failed to pass legislation aimed at protecting vital private infrastructure networks and facilities, leaving the United States vulnerable to increasing and more powerful attacks.

According to Kaspersky, viruses are becoming more advanced every day. “If previous viruses were like bicycles,” Kaspersky told the Chicago Tribune, “then the Stuxnet worm that damaged uranium enrichment centrifuges at the Natanz plant in Iran two years ago would be a plane and the latest programs, dubbed Flame and Gauss, would be space shuttles.”

Stuxnet infected tens of thousands of machines when it hit, but according to Kaspersky, it was written by cautious “professionals” who minimized the damage. Kaspersky told members of the Billington Cybersecurity Summit at the National Press Club that a bootleg version of the virus will be much less discriminating. “We need to upgrade our understanding that the world is different,” Kaspersky told the Tribune. “We need to pay more attention to the critical information technology security issues.”

There is little room for optimism about the ability of government to stop cyber attacks of increasing severity and scope. Kaspersky noted that stopping criminals and terrorists, who will adopt the same techniques employed by the government agencies which designed and unleashed Stuxnet, would take strong international cooperation and deeper monitoring of the Internet, which many oppose on privacy grounds.

Kaspersky and Hayden also said that international treaties or even nonbinding agreements were nowhere in sight.

Even worse is the fact that Congress and other branches of the government cannot reach an agreement on a baseline for cybersecurity.

Hayden told the Tribune that inside the administration the Department of Defense considers cyberspace as a domain that it must “dominate” while DHS has publicly disagreed.

A major hurdle, which is likely to be around for some time, is that communications networks are the same for military operations and civilian transactions, with the latter being protected from unreasonable searches. The feeling is that many Americans would not be happy with the concept of having their internet activity watched.

Hayden feels that, as time progresses, civilians will eventually be asked for their input on cybersecurity situations.

“You and I have not yet given our government guidance about what we want it to do,” Hayden said.