Industryweek 14584 80433251

General Hayden's Taxonomy of CyberSecurity "Sinners"

May 27, 2014
General Hayden's Taxonomy of Cybersecurity "Sins and Sinners"

As the cyber-espionage dispute between China and the U.S. escalates, following the indictments of Chinese hackers, it's interesting to note that General Michael Hayden has asserted that, in the future, state-sponsored cybersecurity threats won't be business' biggest concern.

Recounting his "taxonomy of sinners" to attendees at last month's 2014 MAPI Executive Summit, Hayden said business leaders have three groups to counter. "Racked and stacked" in terms of talent (as in, they're good at cyber espionage), they include the following:

  1. Nation-States - At the top of Hayden's talent scale are nation-states. Make no mistake, Hayden declared, all the nation-states conduct cyber-spying for national security reasons. However, most countries, except for the U.S. and "only a few other countries," also conduct economic cyber espionage to achieve economic advantage--to steal intellectual property, trade secrets and the like.
  2. Criminal Gangs - Closely following nation-states in terms of talent are criminal gangs, many of which operate with the tacit approval of nation-states where they reside. Noting that many of the gangs are based in the post-Soviet space--Ukraine, Belarus, etc.--"the Russians are quite happy for them to shoot outward... as long as they don't shoot inward. And, reminiscent of the first scene in the first Godfather movie: In return for [allowing you] to uninterruptedly shoot outward, the godfather will come to you occasionally for a favor."
  3. Activists - "I don't have a good word to describe them," Hayden said. But they include [groups like] Anonymous; [they're] the disaffected, "the angry people living in their basement who are very, very smart."

The first two groups, though more talented, he noted, tend to self-limit their cyber-activities. "As bad as nation-states are, they have to fess up and live with what they do," he said. "Gangs are bad, but they are parasitic and won't destroy the host, so there are limits on what they will do."

So, it's the activists that Hayden worries about. "I'm most concerned about Group #3," he declared. "I don't know what motivates them. I don't know what satisfies them. And then they come after you not because of anything you've done, but just because you've got an iconic label slapped on you. [Because] you're part of the system."

Further, he noted, the activists are learning fast. "The tide's coming in, and all the boats in that cyber harbor? They are going up," Hayden said. "So what we’re seeing is folks down here (the activists) acquiring the capacities we now associate with these groups (the criminal gangs) and this group (the criminal gangs) now acquiring the capacities we associated with nation-states."

In his address, Hayden also shared how business leaders can defend against cyber intrusions, the subject of the first post in this series. Future posts will share Hayden's view on the scope of the cybersecurity threat and the U.S. government's efforts to combat cyber threats.

Popular Sponsored Recommendations

How Manufacturers Can Optimize Operations with Weather Intelligence

Nov. 2, 2023
The bad news? Severe weather has emerged as one of the biggest threats to continuity and safety in manufacturing. The good news? The intelligence solutions that build weather ...

An Executive’s Guide to OT Cyber Incident Response

June 28, 2023
Learn what it takes to develop effective and rapid OT incident response capability to meet your organization’s unique needs.

You Cannot Stay Competitive by Bolting New Technologies to a Legacy ERP

Oct. 20, 2023
Read this white paper to understand the benefits of shifting to a next-generation ERP system as part of a DOP.

Monitoring IT, OT and IIoT: Use Cases and Dashboards

Aug. 20, 2023
The convergence of IT and OT makes it crucial to have a unified view of the entire infrastructure. From machines on the factory floor, PLCs, and IIoT devices, to industrial gateways...

Voice your opinion!

To join the conversation, and become an exclusive member of IndustryWeek, create an account today!