recommended reading

Here’s Some Unsettling Advice From the Former Top US Cyberspook About Protecting Humanity

As the only person to ever head both the US National Security Agency and the US Central Intelligence Agency, retired Air Force General Michael V. Hayden has a lot of experience in seeing around corners. He’s now a global security consultant, helping companies and governments to protect themselves against cyber threats and other dangers. Last week, Hayden, also a director of Motorola Solutions and a distinguished visiting professor at the George Mason University School of Public Policy, said in a rare extended interview that Chinese telecommunications giant Huawei Technologies shared sensitive US information with the Beijing government. In a brief aside, he added that he’s undecided as to whether corporations should be allowed to go on the cyber-offensive, even in the absence of government intervention and protection.

Quartz talked to Hayden about the threats private companies face and whether they’re well-positioned to address those threats for themselves, and for humanity.

What cyber threats do you find most concerning?

You’ve got three levels of threats; the shorthand is steal, disrupt and destroy. You’ve also got three levels of actors. You’ve got nation states, you’ve got criminal elements and then you’ve got that mass out there; activists, nihilists, anarchists, Anonymous, Lulzsec and so on. And blessedly the order I gave them to you—states, criminals the rest – is pretty much a ranking of their capability. And what we’re seeing is that all the boats in the harbor are going up, and so capabilities we now associate with criminal gangs or mid-range nation states will over time become available to this third group.

As tough as attribution is, nation states still have to believe that they are responsible for their actions. There can be sanctions and retaliations. Criminal groups, they’re after the money, and they’re in kind of a symbiotic relationship with their targets and even in nature, the parasite would be unwise to kill the host. But the third group, they have sometimes unreasonable, unmeetable, undefinable demands. In one, three or five years, you’ve got a group out there that’s opposed to capitalism, let’s say. And if they start to get some of these advanced capabilities, the very destructive attack for ideological purposes is going to be more possible and more likely. So my line to folks is, this is going to get worse before it gets better.

Read more at Quartz

Threatwatch Alert

Network intrusion / Stolen credentials

85M User Accounts Compromised from Video-sharing Site Dailymotion

See threatwatch report


Close [ x ] More from Nextgov

Thank you for subscribing to newsletters from
We think these reports might interest you:

  • Data-Centric Security vs. Database-Level Security

    Database-level encryption had its origins in the 1990s and early 2000s in response to very basic risks which largely revolved around the theft of servers, backup tapes and other physical-layer assets. As noted in Verizon’s 2014, Data Breach Investigations Report (DBIR)1, threats today are far more advanced and dangerous.

  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

  • PIV- I And Multifactor Authentication: The Best Defense for Federal Government Contractors

    This white paper explores NIST SP 800-171 and why compliance is critical to federal government contractors, especially those that work with the Department of Defense, as well as how leveraging PIV-I credentialing with multifactor authentication can be used as a defense against cyberattacks

  • Toward A More Innovative Government

    This research study aims to understand how state and local leaders regard their agency’s innovation efforts and what they are doing to overcome the challenges they face in successfully implementing these efforts.

  • From Volume to Value: UK’s NHS Digital Provides U.S. Healthcare Agencies A Roadmap For Value-Based Payment Models

    The U.S. healthcare industry is rapidly moving away from traditional fee-for-service models and towards value-based purchasing that reimburses physicians for quality of care in place of frequency of care.

  • GBC Flash Poll: Is Your Agency Safe?

    Federal leaders weigh in on the state of information security


When you download a report, your information may be shared with the underwriters of that document.