Rising Cyber-War Threat Forcing Nations to Bolster Defenses: McAfee

Cyber-security experts are concerned about the prospect of cyber-war and the growing number of cyber-threats, according to a recent report released by McAfee.

Over half, or 57 percent, of cyber-security specialists surveyed in the "Cyber-security: The Vexed Question of Global Rules" report said a global arms race is taking place in cyberspace, McAfee said Jan. 30. In addition, 84 percent of those surveyed said cyber-attacks threaten national and international security as well as trade.

Respondents felt cyber-security should be considered a part of the country's military defense. About 36 percent of respondents said cyber-security is more important than missile defense. Another 45 percent believe cyber-security is as important as border security.

"For the moment, the 'bad guys' have the upper hand—whether they are attacking systems for industrial or political espionage reasons, or simply to steal money," the researchers wrote in the report.

Criminals are able to "choreograph well-orchestrated attacks" because they have large funding streams, are more agile and don't operate under any legal restrictions when it comes to sharing data, Phyllis Schneck, McAfee's vice president and CTO, said in the report. "Until we can pool our data and equip our people and machines with intelligence, we are playing chess with only half the pieces."

The defense industry has a "solid partnership" with the Department of Defense to share threat intelligence, but this type of relationship needs to be expanded to include other industries, Kevin Gronberg, senior counsel of the Homeland Security Committee in the House of Representatives, said in the report.

Unfortunately, the report also found that the private sector is not well-prepared to handle cyber-attacks. Only 20 percent of the respondents from the private sector said their organizations are taking part in cyber-security exercises or taking precautions, according to the report. About 56 percent of respondents claimed there is a skills shortage among the cyber-workforce.

The report also rated the "cyber-readiness" of various countries based on how a nation's defenses are perceived by cyber-experts. Size or wealth doesn't necessarily translate to the country's ability to defend itself against emerging threats and attacks, the report found.

While none of the countries got the highest five-star rating, Israel, Sweden and Finland were ranked with four-and-a-half stars and were perceived as being the most prepared to deal with cyber-attacks. The United States, Denmark, Estonia, France, Germany, the Netherlands, Spain and the United Kingdom were rated four stars.

China, Italy, Poland and Russia were rated with only three stars, and Mexico was considered to be the worst prepared of the 23 countries rated.

"It has taken the spectacular increase in cyber-attacks for political leaders in the United States, the European Union and part of Asia to sit up and take stock of the costs," the researchers wrote.

Approximately 67 percent of the respondents said the United States and other countries should create regulations to block criminals and attackers from conducting cyber-espionage or damaging critical infrastructure. In the report, 43 percent of respondents said damage or disruption to critical infrastructure is the greatest single threat that has wide economic consequences.

Law enforcement authorities should also be given more power to fight crime that crosses national borders, the report suggested.

McAfee commissioned Security & Defence Agenda, a nonprofit research group in Brussels, to conduct the study. The report included responses from 80 policymakers and cyber-security specialists in government, business and academic sectors in 27 countries, as well as responses collected from anonymous surveys of more than 250 world leaders from 35 countries.