Cyberattacks cost the United States between $57 billion and $109 billion in 2016, a White House report said Friday, warning of a "spillover" effect for the broader economy if the situation worsens.

A report by the White House Council of Economic Advisers sought to quantify what it called "malicious cyber activity directed at private and public entities" including denial of service attacks, data breaches and theft of intellectual property, and sensitive financial and strategic information.

It warned of malicious activity by "nation-states" and specifically cited Russia, China, Iran, and North Korea.

The report noted particular concern over attacks on so-called critical infrastructure, such as highways, power grids, communications systems, dams, and food production facilities which could lead to important spillover impacts beyond the target victims.

"If a firm owns a critical infrastructure asset, an attack against this firm could cause major disruption throughout the economy," the report said.

It added that concerns were high around cyberattacks against the financial and energy sectors.

"These sectors are internally interconnected and interdependent with other sectors as well as robustly connected to the internet, and are thus at a highest risk for a devastating cyberattack that would ripple through the entire economy," it said.

The report offered little in the way of new recommendations on improving cybersecurity, but noted that the situation is hurt by "insufficient data" as well as "underinvestment" in defensive systems by the private sector.

The document was issued a day after US officials blamed Russia for last year's devastating "NotPetya" ransomware attack, calling it a Kremlin effort to destabilize Ukraine which then spun out of control, hitting companies in the US, Europe and elsewhere.

It said Russia, China, North Korea and other nation-states "often engage in sophisticated, targeted attacks," with a specific emphasis on industrial espionage.

"If they have funding needs, they may conduct ransom attacks and electronic thefts of funds," the report said.

But threats were also seen from "hacktivists," or politically motivated groups, as well as criminal organizations, corporate competitors, company insiders and "opportunists."

In an oft-repeated recommendation, the White House report said more data sharing could help thwart some attacks.

"The field of cybersecurity is plagued by insufficient data, largely because firms face a strong disincentive to report negative news," the report said.

"Cyber protection could be greatly improved if data on past data breaches and cyberattacks were more readily shared across firms."

Global powers must address 'episodes of cyberwar': UN chief
Munich, Germany (AFP) Feb 16, 2018 - World leaders must lay the groundwork on how countries respond to cyberattacks that have proven to be a daunting threat, whether by state actors or criminal enterprises, UN secretary general Antonio Guterres said Friday.

"It is clear we are witnessing in a more or less disguised way cyberwars between states, episodes of cyberwar between states," Guterres said during one of the opening speeches at the Munich Security Conference.

"It's high time to have a serious discussion about the international legal framework in which cyberwars take place," he said.

"The fact is we haven't been able to discuss whether or not the Geneva convention applies to cyberwar and whether international humanitarian law applies to cyberwar."

The United States and Britain on Thursday blamed the Russian military for last year's devastating "NotPetya" ransomware attack, calling it a Kremlin effort to destabilise Ukraine, which spun out of control.

The attacks ended up crippling computer networks in the United States and Europe, including those of some big companies.

Washington has also blamed North Korea for the huge "WannaCry" ransomware attack last May in which more than 300,000 computers were struck in some 150 nations.

"How to respond in cases of permanent violations of cybersecurity? What are the different uses that criminal, terror organisations are making of the web?" Guterres said.

Finding a consensus on how to respond to such attacks is urgent, he said, "especially now that artificial intelligence, that is providing enormous potential for economic development, social development, for the well-being of all, is also in the opinion of many an existential threat for humankind."

"It is necessary to bring together governments, the private sector, those involved in civil society, academics, research centres, in order to be able to establish at least some basic protocols to allow the web to be an effective instrument for the good," he said.

Related Links
Cyberwar - Internet Security News - Systems and Policy Issues

Tweet

Thanks for being here; We need your help. The SpaceDaily news network continues to grow but revenues have never been harder to maintain. With the rise of Ad Blockers, and Facebook - our traditional revenue sources via quality network advertising continues to decline. And unlike so many other news sites, we don't have a paywall - with those annoying usernames and passwords. Our news coverage takes time and effort to publish 365 days a year. If you find our news sites informative and useful then please consider becoming a regular supporter or for now make a one off contribution.
SpaceDaily Contributor $5 Billed Once credit card or paypal		SpaceDaily Monthly Supporter $5 Billed Monthly paypal only

Thousands of websites infected by 'crypto mining' malware
Washington (AFP) Feb 12, 2018
Thousands of websites around the world, including many operated by governments, have been infected by hackers using the sites' computing power to "mine" cryptocurrencies, security researchers said. The attack is the first major incident made public in which a new breed of hackers took over a large numbers of websites to effectively create currencies like bitcoin which are generated by using computing power. The attacks made public over the weekend by British security researcher Scott Helme showe ... read more