Cyber security: War Games or Mission Impossible?

The internet is not reliable or secure enough to cope with the load we are putting on it, according to President Obama's cyber security advisor.

The global digital infrastructure is "neither secure enough nor resilient enough for what we use it for today", which means fixing it is one of the biggest economic and national security problems of the 21st century, according to Melissa Hathaway, acting senior director for cyberspace for the National Security and Homeland Security Councils.

Hathaway has been leading President Obama's 60-day cyberspace policy review, which was completed last week.

Speaking at the RSA Conference in San Francisco, Hathaway said there have been "countless intrusions" which have allowed criminals to steal millions and spies to pilfer intellectual property and other secrets, citing the example of when 130 ATMs around the world were secretly emptied in a single 30-minute period.

She also referenced a few Hollywood examples of the problem of cyber attacks, including War Games and Bruce Willis action movie Die Hard 4.0 which illustrate the types of risks faced. Hathaway even made her entrance to the music from Mission Impossible, emphasising the scale of the job that has to be done.

"We need to demonstrate that the US takes cyberspace policy seriously," she said, but also acknowledged it will take the involvement of the private sector which designs and builds most digital infrastructure.

"Cyberspace won't be secured overnight off the back of one good plan. It's a marathon not a sprint," she said, adding: "The US cannot succeed in securing cyberspace if it works in isolation."

Meanwhile, fraudsters are operating online with low risk and high rewards, according to Dave DeWalt, president and CEO of security company McAfee, in his keynote at the conference. Last year saw more malware than in the last five years combined, he said.

Enrique Salem, president and CEO of Symantec, also warned at the conference that the threat environment is "changing rapidly" with fraudsters moving to "micro-distribution" and targeting individuals for fraud.

"The current security model isn't working. Security is often done piecemeal" he said, and security professionals are tired of dealing with individual products and "being systems integrators".

It's a stance put forward earlier in the week by president of security company RSA Art Coviello, who warned that security technologies are leaving "perilous gaps of risk", because suppliers do not work more closely together.