Cybersecurity: Who's Vulnerable To Attack?
MICHEL MARTIN, HOST:
Now, the news about these hacks got us wondering about cyberattacks in general, whether they're more widespread than we realize, and perhaps more sophisticated or more targeted to particular entities.
So we called Richard Bejtlich. He is a former Air Force intelligence officer as well as the chief security strategist at a cybersecurity firm. And he's also a fellow at the Brookings Institution. Thanks so much for joining us.
RICHARD BEJTLICH: Thank you, Michel.
MARTIN: So is what happened at the DNC this past week new in some way? And if so, what makes it new?
BEJTLICH: What makes it new is the release of information. The fact that targets of interest are being compromised by a variety of actors - nation states, organized crime, activists - that has been happening for 15, possibly 20 years. What's different now is what intruders are doing with this data. Previously, they would seek to monetize it. They might seek to use it for their own geopolitical purposes. But privately, what's new, I think, about DNC is using this information publicly to influence an ongoing activity.
MARTIN: Is there any particular entity at this point in our history that is most at risk? I'm thinking as a layperson. I'm assuming that intelligence agencies are most at - or most likely to be targets or our defense capabilities are most likely to be targets. But from your perspective, what do you think?
BEJTLICH: Well, there are two types of targets in cyberspace. There are opportunistic targets, and there are directed targets, or targets that are selected because of who they are. If you're on the internet, you are at risk of being an opportunistic target, simply by the fact that you have a computer, that you have bandwidth. Someone at the very least could use your computer as a way to hide their identity when attacking someone else.
On the other end of the spectrum, you have the military targets, the state targets. If you are doing something interesting in the world and you can think about people who would want to know what you're doing, there's a good chance that they're using some type of digital or cyber means to get access to that information.
MARTIN: That is very disturbing. I want to go back to where we started our conversation. Is there anything about this whole story that particularly concerns you from a cybersecurity standpoint about a new level of intention or of capability?
BEJTLICH: A line has been crossed here. The capability has been there forever. I guarantee you it was not that difficult to break into these various targets. They're not hardened like a military base. They're not hardened like a financial institution.
What's different here is that someone is acting on this information. For so long, people have simply stolen information and they didn't want to be caught, so they wouldn't tell anybody about it. When you take that information and you publish it, that changes the game.
We do need to take measures to explain to the other side that this is not acceptable. Just as we did in the Cold War, where if a physical, a human spy went too far, they'd be declared persona non grata and sent out of the country with maybe a sanction attached to it. We do need to have that sort of mechanism when people cross the line in cyberspace.
MARTIN: That's Richard Bejtlich. He's a fellow at the Brookings Institution, former Air Force intelligence officer and the chief security strategist at FireEye, a cybersecurity firm. We reached him at his home office in Northern Virginia. Mr. Bejtlich, thanks so much for speaking with us.
BEJTLICH: Thank you, Michel. Transcript provided by NPR, Copyright NPR.