Defence bigwigs have issued a stern warning to financial companies at the London Stock Exchange that "so-called patriotic hacker groups" may soon embiggen their attacks on the City and Wall Street.
The talk, organised by the Royal United Services Institute (RUSI) along with the FCA and Bank of England, noted how Western banks and the financial system “are encountering the convergence of economic and cyber warfare.”
Reminding the audience that the government considers cybercrime a “Tier 1 National Security Threat”, Tom Keating, director of RUSI's Centre for Financial Crime and Security Studies, introduced Professor Sir David Omand, former director of GCHQ, who himself went on to introduce US Admiral Michael S. Rogers, the current director of the NSA.
Proffering wisdom to the gathered financiers, the former director of GCHQ said: "I know from my own experience how deep the transatlantic intelligence relationship goes – and how mutually productive it's been over very many years."
That relationship is now flourishing in cyberspace, Sir David claimed. It is ever more necessary now that "we have sold our souls to the internet," he suggested, noting that "we plunged into a system of systems that was never designed to be secure."
Talking of the increasingly indistinct barriers between cybersecurity and economic warfare, Sir David warned that as a possible result of increased sanctions against Russia over its behaviour "in Crimea and Ukraine, I would expect so-called patriotic hacker groups to attack Wall Street and the City in return."
He additionally noted:
You have to ask yourself: have trojan viruses and worms already been planted in peacetime, so that if we ever get into a serious confrontation with a potentially hostile state, then we will suddenly discover disruption?
Admiral Rogers, who succeeded General Alexander as head of the controversial US snooping agency, offered a grim warning: "We're in a world now where despite your best efforts, you must prepare for and assume that you will be penetrated."
He added one of the issues he addresses both within the NSA and when speaking to the private sector is the degree to which organisations understand their own network infrastructure. While avoiding a direct reference to Sun Tzu, "know yourself" is an accurate paraphrase of his advice to such groups.
The head of the NSA acknowledged the strong maturity of the financial sector in dealing with cybercrime, but extending such practices to the middle and lower levels of the industry is difficult when those companies do not have the resources or the expertise to ensure their systems are secure. ®