The threat to our nation’s critical infrastructure via cyberspace attacks is a direct result of the sophisticated range of digital software tools, the openness of most networks, the interconnectedness of the Internet, and the limited to weak range of cybersecurity programs.
The enormous number of lines of code required in creating operating systems and various software applications is astounding. In some cases, it is not uncommon to find that several million lines of software code are necessary to create a program, and the ability of an individual to gain access to this system is a result of specific penetration tools that enable this exploitation.
The difficulty in providing cyber security to these operational programs is a challenge since cyber attacks can take the form of Zero Day attacks, in which the attack is a unique, first-time attack with no previous code signature available for defensive purposes.
Today, digital attack tools are constantly being developed to penetrate these new defensive countermeasures. In addition, the increasing skills observed in those utilizing computer systems is a direct result of expanding educational programs, and unfortunately, some people choose to use their skills in less than legally or morally acceptable ways.
Thus, cyber threat capability as a result of knowledge, whether acquired in formal educational systems or through informal “hacking community associations,” continues to grow and prosper. This capability results in a range of skills as a result of the exchange of knowledge.
These factors enable both the use and creation of new digital software tools. These software tools can be applied with the incredible computer equipment that exists today and continue to improve in a continuous flow of productivity based on the increasing power of computer chips, the increasing speed of broadband networks, and the increasing capability to share data well beyond Exabyte capability.
Cyber threat is therefore defined by the capability that one’s opponent has in both terms of skills and software or digital tools. However, these tools are based on an array of equipment that must be available along with the knowledge as how to best use tools or skills.
Thus, cyber threat equals the capability of the opponent plus the intent to do damage, take action, or sim- ply monitor activities. The manner in which we pursue these cyber threats is based on our legal system, intelligence system, military system, and a range of additional factors.