- By Josh Rogin
Josh Rogin covers national security and foreign policy and writes the daily Web column The Cable. His column appears bi-weekly in the print edition of The Washington Post. He can be reached for comments or tips at email@example.com.
Previously, Josh covered defense and foreign policy as a staff writer for Congressional Quarterly, writing extensively on Iraq, Afghanistan, Guantánamo Bay, U.S.-Asia relations, defense budgeting and appropriations, and the defense lobbying and contracting industries. Prior to that, he covered military modernization, cyber warfare, space, and missile defense for Federal Computer Week Magazine. He has also served as Pentagon Staff Reporter for the Asahi Shimbun, Japan's leading daily newspaper, in its Washington, D.C., bureau, where he reported on U.S.-Japan relations, Chinese military modernization, the North Korean nuclear crisis, and more.
A graduate of George Washington University's Elliott School of International Affairs, Josh lived in Yokohama, Japan, and studied at Tokyo's Sophia University. He speaks conversational Japanese and has reported from the region. He has also worked at the House International Relations Committee, the Embassy of Japan, and the Brookings Institution.
Josh's reporting has been featured on CNN, MSNBC, C-Span, CBS, ABC, NPR, WTOP, and several other outlets. He was a 2008-2009 National Press Foundation's Paul Miller Washington Reporting Fellow, 2009 military reporting fellow with the Knight Center for Specialized Journalism and the 2011 recipient of the InterAction Award for Excellence in International Reporting. He hails from Philadelphia and lives in Washington, D.C.
The loss of industrial information and intellectual property through cyber espionage constitutes the "greatest transfer of wealth in history," the nation’s top cyber warrior Gen. Keith Alexander said Monday.
U.S. companies lose about $250 billion per year through intellectual property theft, with another $114 billion lost due to cyber crime, a number that rises to $338 billion when the costs of down time due to crime are taken into account, said Alexander, the director of the National Security Agency and commander of U.S. Cyber Command, in remarks Monday at the American Enterprise Institute.
"That’s our future disappearing in front of us," Alexander said, quoting industry numbers to estimate that $1 trillion was spent globally last year on dealing with cyber espionage and cyber crime.
But the real threat on the Internet will come when cyber attacks become militarized, a threat the U.S. must deal with now, he said.
"What we need to worry about is when these transition from disruptive to destructive attacks, which is going to happen…. We have to be ready for that," Alexander said. "This is even more difficult to the nuclear deterrent strategies we used to think about in the past."
There are 75 million unique pieces of malware in the database of McAfee, a leading cyber security company, Alexander said. Botnets, networks of compromised computers controlled remotely, send out 89.5 billion unsolicited e-mails per day, about one third of all emails sent. Over 100 countries have network exploitation capabilities, he said.
The number of cyber attacks rose 44 percent in 2011, malware increased by 60 percent, and the number of attacks on critical U.S. infrastructure rose from 9 in 2009 to more than 160 in 2011, Alexander said.
The major companies who have suffered successful cyber attacks since 2011 include Google, Booz Allen, Mitsubishi, Sony, AT&T, Visa, Stratfor, Chamber of Commerce, Symantec, Nissan, Visa, and Mastercard, he said. For every known attack, about 100 are successful and never detected, he added.
"The theft of intellectual property is astounding and we’ve got to stop that, and my part of that is we need to have a viable defense," he said.
Alexander called on Congress to pass cyber legislation, although he declined to endorse any particular bill moving its way through congress. He quoted Secretary of Defense Leon Panetta as warning of a cyber "Pearl Harbor," and quoted Secretary of State Hillary Clinton calling for a new U.S.-China dialogue on cyber issues.
He said that the U.S. government and its interlocutors should move to cloud-based computing, arguing that security in the cloud is more agile and responsive to threats, although not perfect. "We know that the system we are on today is not secure."
The U.S. government also needs more situational awareness in cyberspace and a more organized and active cadre of military cyber warriors to respond to threats, according to Alexander. "We need to build a trained and ready cyber force with the right number and the right capacity," he said.
"The conflict is growing, the probably for crisis is mounting. While we have the time, we should think about and enact those things that ensure our security in this area," he said. "And do it now, before the crisis."