Ex-CIA Official Warns Black Hat Attendees of Coming Cyber-War

LAS VEGAS—The former U.S. counter-terrorism official who raised the alarm that a major terrorist attack was coming before 9/11 is now warning that cyber-war is an imminent threat.

The security community needs to influence and educate government decision makers about the potential threats from cyber-criminals and nation-states, Cofer Black, former director of the Central Intelligence Agency’s Counterterrorist Center, said in his keynote speech Aug. 3 at the Black Hat conference. Cofer was the U.S. Department of State’s coordinator for counter-terrorism with the rank of ambassador at large from December 2002 to November 2004.

Many of the top decision makers, Cofer said, are still ignorant of the threats that are out there and how they target major corporations, government agencies and the defense industry.

Even as the security professionals try to warn the decision makers, they may not be believed or taken seriously, Black said. When al-Qaida was gaining strength in the mid-1990s, and up until the 9/11 attacks, terrorist threats were not well understood. So many top government officials dismissed the warnings he and other counter-terrorism analysts were voicing that a major attack was coming.

“The problem is, decision makers don’t understand the threats completely because they have not personally experienced them. They may hear it, but they don’t believe it,” Black said. Black said the threat of al-Qaida appears to be fading from prominence, but cyber-attacks will escalate.

“We had the Cold War, the global war on terrorism and now you have the Code War, which is your war,” he said.

A 28-year veteran of the Central Intelligence Agency, Black said the lead-up to 9/11 may be analogous to what’s happening with targeted persistent attacks carried out against the defense industry and other high-profile targets.

“The validation of that threat will come into your world,” Black said.

“There is an analogy to the tech world in all of this, and the situation in your world is far more challenging than you may appreciate.”

The ability of Stuxnet to physically damage equipment has made cyber-security significantly more important, Black said. The fact that cyber-attacks can impact the physical world means cyber-techniques must be considered as a tool that terrorists can utilize, Black said.

Stuxnet damaged centrifuges used to enrich uranium in Iran's nuclear facility setting back the country's nuclear development program. The latest reports indicate Iran is replacing the centrifuges outright because of the damage.

“I can’t say I understand how it was executed, but the important point is, this is expensive to pull off, which means a nation-state was involved,” Black said, adding that cyber-attacks will be “key component” of future conflict against “a nation-state, a rogue state or terrorist groups.”

Until recently, the U.S. Government counterterrorism groups have been focused on the possibility of chemical, bacteriological, radiological and nuclear attacks, Cofer said. Cofer listed the threats in the order of likelihood of these attacks happening, Cofer said. The appearance of Stuxnet has changed that, and the concerns are now kinetic, bacteriological and cyber.

“The Stuxnet attack is the Rubicon of our future,” Black said. The Rubicon was the river near Rome that Julius Caesar crossed before launching the campaign aimed at making him the dictator of Rome.

“Your world, which people thought was college pranks cubed and squared, has now morphed into physical destruction...from the victim's view, of a national resource. This is huge,” he said.
In the midst of his speech, the real fire alarm went off, complete with flashing lights, loud sirens and an automated voice saying the alarm was under investigation. After a few moments of awkward silence by Black, at which point the audience realized he hadn't engineered the alarm, he continued with his speech.

It appears the real fire alarm was pulled by a prankster. Regardless, it set a very appropriate tone for the speech, according to Cameron Camp, a researcher at ESET.

"We're all in this together, and we're counting on you," Black told attendees.