NEWSWATCH 12 Long Beach Business Journal
February 4-17, 2014
Cyber Security: Keeping The Ones And Zeros – And The Nation – Safe ■By MICHAEL GOUGIS Contributing Writer Plans, documents, technical drawings – they’re not kept in safes anymore. No one locks them in their desk drawer as they leave the office at the end of the day. In most cases, they don’t “exist� in the sense that they have for thousands of years. Like so many other “things� of value today, more and more, plans, designs and drawings for everything are code, lines of ones and zeros on a computer screen. And trying to keep those digitalized files safe and out of the wrong hands forms the newest frontier of corporate and defense security.
Cyber security – the protection of technical data in a wide variety of forms – is so critical that some say that one of the biggest threats to the nation doesn’t come in the form of a bomb or a gun, but in the form of a computer hacker or a corrupted or stolen program file. And this is the thought behind the panel discussion on “Cyber Security, Counterfeit Parts & Materials: An Escalating Global Challenge for Aerospace & Defense Manufacturers,� scheduled for the upcoming AeroDef Manufacturing Summit and Exposition at the Long Beach Convention & Entertainment Center.
“A lot of people talk about the next cyber 9/11. When people think of attacks, they think of outwards attacks where you can see things like bombs going off or buildings collapsing,� said Jim Fisher, director of operations, National Center for Defense Manufacturing & Machining and one of the panelists at the event, scheduled for February 25-27. “But when you talk about cyber, it’s something you can’t necessarily see until it occurs. That can be very dangerous. It needs to be taken very seriously. It can have huge impacts on our economy and even our national security.� The issue is so critical that Pentagon
business
made personal $W ,QWHUQDWLRQDO &LW\ %DQN \RXU VXFFHVV LV RXU EXVLQHVV 2XU FXVWRPHUV GHDO GLUHFWO\ ZLWK ORFDO GHFLVLRQ PDNHUV ZKR NQRZ WKHP SHUVRQDOO\ÂłDQG KDYH D JHQXLQH LQWHUHVW LQ WKHLU ORQJ WHUP VXFFHVV 7UXO\ SHUVRQDO EXVLQHVV EDQNLQJ
EXVLQHVVPDGHSHUVRQDO ,QWHUQDWLRQDO &LW\ %DQN _ ( 2FHDQ %OYG /RQJ %HDFK &$ _ _ ZZZ LFE EL]
4,4),9 -+0*
officials have recently announced plans to step up the protection of even non-classified information. “Stolen data provides potential adversaries extraordinary insight into the United States’ defense and industrial capabilities and allows them to save time and expense in developing similar capabilities,� Secretary of Defense Chuck Hagel wrote in an October 10 memo on “Safeguarding Unclassified Controlled Technical Information.� In that memo, Hagel outlined several plans to increase the security on even uncontrolled technical information “that resides on or passes through defense contractor systems or networks,� and ordered the department to propose an amendment to federal security regulations for defense contractors. In November, Pentagon officials approved new rules that would require defense contractors to tighten their computer security procedures and to report any cyber intrusions that resulted in the loss of controlled technical information. But increasing the level of protection on electronic files isn’t easy. Just ask the Recording Industry Association of America (RIAA), which has seen file-sharing nearly destroy the entire entertainment recording business. (Things are so bad for the RIAA that the group has been reduced to begging schools to introduce anti-piracy lessons into kindergarten and elementary school curricula, and no, I’m not kidding). While it obviously is harder to steal the wing design of the next-generation fighter plan than it is to download a copy of or illegally stream the latest “Iron Man� movie, the problem at its core is the same. The “thing� in question is nothing more than a digital file, a collection of ones and zeros on a computer screen. “Everything is done by code. Everything is designed by machines. Nothing is designed by people drawing things with pencils. It’s all done mechanically. And that’s the problem,� said Richard “Dickie� George, senior advisor for Cyber Security at the John Hopkins University Applied Physics Laboratory. “What we find is that we don’t always know about where the parts come from, whether they provide all of the security they need, or even if they have other characteristics that you don’t know that they have,� Dickie added. “In some sense, it’s very hard to really certify, because if you look at the amount of code that we have in many of these products, it’s very hard to go in and see what all of the code is doing. When you think the code is doing one thing, it’s actually doing something else.� Protecting that code, obviously, presents challenges that are, simply put, unique in human history. It’s almost hard to fathom that someone halfway around the world could, without ever setting foot onto your property, steal not just the plans for a sophisticated piece of machinery, but the instructions to machining tools that will carve out or build the parts needed for that piece. “We’re moving more and more into a digital age when it comes to manufacturing, where hard copies, drawings, are no