As SANS Institute Director of Research Alan Paller declared to SCMagazineUS.com., United States desperately seeks for the best ways to supervise all internet traffic to government and private-sector networks “to find the enemy within.” This pressing need was triggered by China’s incisive, non-stop campaign to break into important American government and industry databases.
Paller revealed that researchers have come across empirical evidence which indicate Chinese government as the one behind the well-financed attack intended to penetrate key national security and industry databases. It is also believed that this endeavor is undertaken with recruits from China's People's Liberation Army.
The SANS research director pointed to the amplitude of this attack which is obviously well guided and financed. In order to identify “micro-patterns” that suggest breaches, all Internet traffic (to government and private-sector networks ) must be thoroughly monitored.
A list of cybersecurity threats recently compiled by SANS experts has placed espionage from China and other nations near the top. It seems that targeted spear phishing has gained popularity as it preferred in the attacks on U.S. databases -“They are using spear phishing because it is so effective, and it is the least difficult technique [of gaining entry]” Paller explained.
It’s not difficult to estimate the size of this digital assault considering that at the end of 2007, President Bush asked for $154 million worth funds for an allegedly seven-year, multibillion-dollar program created to fight against cyberthreats directed on government and private networks.
Among the suggested countermeasures there are the limitation of access points between government machines and the internet from 2,000 (which they are at present ) to 50, and the assignment of up to 2,000 DHS and NSA security specialists assigned to supervise full-time the infrastructure networks and stop any attempt of unauthorized access.
However, important members of Congressional oversight committees were displeased with the fact that they had not yet been fully informed regarding the proposal. Their main concern is related to possible violation of privacy.
On the subject of privacy, Alan Paller made further statements meant to ensure that such supervision which the government may pursue can be carried on without infringement of privacy rights provided that the whole operation is so conducted as to guarantee that it is the traffic not the contents of emails, which is being monitored.
