National Security, the Internet and the Politics of Cyber Defense
There was an interesting piece in the Wall Street Journal today about the increase in cyber attacks waged against the Defense Department. The Journal also has written about increased cyber intrusion into the power grids across the United States, and these reports are very troubling.
In December of last year, the electronic payment services firm RBS WorldPay was robbed by hackers who stole personal data on about 1.5 million consumers. That’s far less than the 45 million credit cards snatched from retailer TJ Maxx in 2007, but it’s still very disconcerting. Last week, Heartland Payment Systems announced it, too, had suffered a serious breach of its security in what may prove to be the largest data leak ever.
The consultancy firm Gartner believes it sees a pattern emerging, and that payment processors will become, if they are not already, the main target for hackers. Why? Because that’s where the data is.
While this may be a simplified explanation of how these thefts have occurred, it will serve the purposes of this discussion today. Using the brute strength of millions of computers world-wide, hijacked by malicious software delivered in spam email, a virus was able to insinuate itself into Heartland’s systems. While sitting there undetected on a server, it would be watching for transmissions that represented authorization requests for credit card transactions. This malicious software, or “malware,” would come to life and capture the data.
Data storage of this nature must be encrypted. Past data leaks have shared a common trait: there was inside help. No data was lost during transmission, as it was like trying to hit a target moving at near the speed of light using a bow and arrow.
The difference now is that it seems data can, in fact, be intercepted. Instead of that bow and arrow, though, the hackers are setting the nets directly on storage facility servers where they simply sit until incoming transmissions are received.
The ante has been upped, though, by these recent intrusions into the Defense Department’s $300 billion Joint Strike Fighter project — the Department’s costliest weapons program ever. While the most sensitive data is stored on computers that are not connected to the Internet, and thus not vulnerable to cyber-reaching, it is nonetheless a scary proposition that it’s happened at all.
While hackers in China are the leading suspects, it is difficult at best to trace the route back to its origin. The people responsible for these activities connect to multiple computers, often without the knowledge of the owners, in a network of aliases commonly referred to as “’bot nets,” or robot networks of computers. With so many Internet Protocol (IP) addresses in between the actual hackers and the Defense Department computers, it’s easy to hide behind the network.
A Pentagon report issued last month said that the Chinese military has made “steady progress” in developing online-warfare techniques, according to the WSJ news story today. Apparently China hopes its computer skills can help it compensate for an underdeveloped military, and in that, they may have a very valid point.
Although pure speculation, stories have existed on the Internet for a long time about young Chinese who are paid to “play” online together to refine and enhance their hacking skills. The rumors suggest teams of hackers pitted against each other in competitions to see who can get into what system and download data before being detected. It can become very much like the 1983 movie, “War Games,” no more dangerous-seeming to them than a game of World of War (WOW) or even Dungeons and Dragons.
However, the information they are accessing does place our country in serious danger when assembled over the course of time. At the moment, there is no centralized federal department responsible for cyber safety yet. To its credit, the Obama Administration recognizes this weakness, and is making plans to create a senior White House cyber security post whose responsibility it would be to coordinate policy. Additionally, the Administration is considering a new military command that would oversee and manage the protection of key information networks in the country.
Stealing credit card information about millions of people, while painful and annoying, does not necessarily put people’s lives in jeopardy. It can be cured in relatively short order.
But the 1977 New York City power outage, while localized to the city and surrounding areas, resulted in widespread looting and serious social disorder. The blackout of 2003 affected over 45 million people.
Imagine the damage a cyber attack on the national power grid would cause, the chaos it would lead to, the shutting down of business in the affected areas. Or, imagine if the Pentagon data was compromised by hackers to the degree our national defenses were crippled or weakened.
Missiles and bombs and bullets are important, as are the personnel to deliver them, and no truly necessary expense in these regards should be spared. But it is far more likely the United States will be attacked virtually than it is we will be invaded by foreign troops or fired upon with nuclear weapons.
The Obama administration is moving in the right direction with its plans to boost spending on cyber defense. Today’s news simply underscores the importance of speed in those efforts.






