Companies are on their own to fend off cyber attacks, Hayden tells AAPEX crowd

Nov. 2, 2016
Retired four-star General Michael Hayden, a former director of the Central Intelligence Agency and the National Security Agency, delivered the keynote address “Cyber Security and the Threat of Cyber Attack” at AAPEX 2016.

Retired four-star General Michael Hayden, (USAF retired), a former director of the Central Intelligence Agency (CIA) and the National Security Agency (NSA), delivered the keynote address “Cyber Security and the Threat of Cyber Attack” at AAPEX 2016 this morning.

There’s been a shift in the tectonics and things that seemed permanent in society are proving not to be, Hayden said. The real tectonic involves changes in the power of states and the nature of power.

“Nation states and hard power (military strength) play less of a role today. Sub-state actors and even individuals are empowered. Failed states create risk.”

In fact, the U.S. is threatened less by conquering states than we are by failing ones, he said. The industrial era accrued power to the center, to large powerful nations. In today’s post-industrial era power is pushed out to the edges.

“Today we can do things ourselves online that we used to get from trained professionals,” he said citing the website Zillow, an online real estate database company that offers information to anybody that used to be avilable only to real estate agents.

“It has pushed power out to the edge, rather than put power concentrated at the center. There is a lot of good to that, but the dark side of that is it has pushed power down to groups, gangs and individuals," Hayden said.

As a result of this, threats today are the products of empowerment and connectivity and are from non-state actors including terrorism, cyber attacks and transnational crime. The Web is the largest ungoverned space in history, he said.

It allows these elements to steal intellectual property and credit card numbers, to corrupt financial records by moving decimal places, and to hurt company networks and create physical destruction

“This is the work of nation states, criminal gangs and hacktivists,” he said. “The U.S. only steals online information to keep you safe, not to get money or create terror.”

Hayden mentioned several hack attacks including Staples, Home Depot, Target, Anthem and JP Morgan Chase & Co.

“The Target attack came through a subcontractor that handled the HVAC system. The hacker got in through the HVAC system and migrated to the point of sale. North Korea attacked Sony Pictures due to a movie that portrayed their leader unfavorably. They stole data, created data and destroyed networks. It was a vile attack by a nation state against a U.S. company to punish them or to coerce their activity.”

Iranian cyber gangs working on behalf of the Iranian state launched a wiping attack against the Las Vegas Sands Corporation due to the politics of its chairman, billionaire Sheldon Adelson, he said

Hayden said the Chinese attack on the U.S. Office of Personnel Management was “legitimate state espionage” and could have been prevented by better cyber security.

Russia attacked the Ukrainian power grid on Dec 23 2015, creating a massive power outage in western Ukraine that left about 700,000 homes in the dark, he said.

The Russia Federation using Russian criminal gangs stole emails of the Democratic National Committee, which he called “honorable state espionage. They stole them and released them through Wiki Leaks to try to influence a U.S. election. They were trying to erode confidence in our electoral processes, not select a winner in the presidential election.”

What is U.S. government doing about this? Not much, he said.

“The cavalry ain’t coming" because we have the Constitution of the U.S., he said, citing the phrase that says “The right of the people to be secure in their persons, houses, papers and effects against unreasonable searches and seizures, shall not be violated.”

“We have not decided what we will allow our government to do to keep us safe in this new era,” Hayden said. “Our government got the Chinese to cut back on their industrial espionage, and that seems to have helped.”

When government is late to help, the private sector steps in. He said the private sector can be both a victim, such as Bank of America and JP Morgan Chase, and a solution, citing Firefly and other similar companies. He noted that cyber risk insurance is a growing industry.

“The private sector is the main body for providing defense against cyber attacks,” he said. “There are lots of private companies that can help you fend off cyber attacks.”

He said the biggest challenge with cyber security is not just providing an adequate defense, but preserving why we have the internet in the first place.

Subscribe to Aftermarket Business World and receive articles like this every month….absolutely free. Click here.

Sponsored Recommendations

ZEUS+: The Cutting-Edge Diagnostic Solution for Smart, Fast, and Efficient Auto Repairs

The new ZEUS+ simplifies your diagnostic process and guides you through the right repair, avoiding unnecessary steps along the way. It gives you the software coverage, processing...

Diagnostic Pre- and Post-scan Reports are Solid Gold for Profitability

The following article highlights the significance of pre-scans and post-scans, particularly with Snap-on scan tools, showcasing their efficiency in diagnosing issues and preventing...

Unlock Precision and Certainty: TRITON-D10 Webinar Training for Advanced Vehicle Diagnostics

The TRITON-D10 lets you dig deep into the systems of a vehicle and evaluate performance with comparative data, systematically eliminating the unnecessary to provide you with only...

APOLLO-D9: Trustworthy Diagnostics for Precision Repairs

The APOLLO-D9 provides the diagnostic information and resources you need to get the job done. No more hunting through forums or endlessly searching to find the right answers. ...

Voice Your Opinion!

To join the conversation, and become an exclusive member of Vehicle Service Pros, create an account today!