By Christos Venetis, Senior Scholar, Program on Information Security Strategy
Recent published cases of well organized cyber attacks are characterized by very high technology methods-software and of different motives which can be activist, political, anti-authoritarian or terrorist.
As hackers continue their rampage against the world’s largest banks, defense contractors and technology companies, executives and government officials are confronting a sobering truth: “The bad guys are winning.”
The seemingly unending string of high-profile attacks, most recently against Citigroup Inc. and Sony Corp., have shown that nearly every organization is vulnerable to a growing contingent of well-trained and agile attackers who are finding security holes faster than they can be plugged.
“It’s gotten very dangerous out there,” said Stan Stahl, a security consultant and president of the Los Angeles chapter of the Information Systems Security Assn. “There’s an epidemic of this stuff going on right now.”
The business of protecting computers and servers from intruders has been growing nearly 10% a year since 2006, but security industry officials say 2011 may be the busiest year yet.
Recently published cases of cyber attacks
“Security worries have increased with the rash of attacks by a hacker group calling itself LulzSec. The group went on a 50-day rampage across the Internet, striking the websites of the CIA, the FBI, the U.S. Senate and a British police agency, among others. The hacker group, which also attacked the websites of Sony, Fox and Nintendo, various porn websites and multiple video game servers and websites, stole and published the account information of hundreds of thousands of individuals”.
Hacker group Anonymous, that its antisec movement hacked and defaced Turkish government websites, in protest against new Internet filtering rules that come into force in the country in August. Turks took to the streets in May to protest against the new filtering scheme, which plans to introduce four levels of filtering – family, children, domestic, or standard – for Internet users by August 22. While protestors describe the rules as mandatory, the government has said they are optional filters for the protection of families.
Anonymous last month launched DDoS (distributed denial of service) attacks on some Turkish government websites in protest against the proposed filtering rules. Among the sites that were attacked were those of the Internet regulator, Telekomünikasyon İletişim Başkanlığı. The group said it released data from about 100 websites in Turkey, and put up its logo and message on some 74 websites, criticizing what it described as greater control over the Internet in Turkey, including blocks on thousands of websites and blogs. Turkey responded last month by arresting 32 persons said to be involved in the attacks on the government sites.
North Korea or its sympathizers were likely responsible for the cyberattack against South Korean government and banking websites earlier this year, according to a new analysis that said it also appears to have been linked to the 2009 massive computer-based attack that brought down U.S. government Internet sites.
A study by computer security software maker McAfee Inc. concludes that the attack that targeted more than two dozen sites in South Korea was a type of “reconnaissance mission” to see how quickly South Korea’s government detected the problem and recovered from it.
Because of the difficulties in determining exactly who launched the attack, there is no way to declare it an act of war by another country or an act of cyberterrorism, espionage or more basic crime by a militant group or others. International officials, in fact, are still trying to define the type of this cyberwar activity. McAfee Inc. worked with customers and partners in the private sector and in government that were affected by the attack, to lessen the impact at the time, and to analyze and reverse engineer the code.
Probably this phenomenon shows that countries are testing each other to evaluate how well they can withstand a cyberattack.
U.S. officials have warned that the next major assault against America could be a cyberattack that could target critical infrastructure such as financial systems, the electrical grid or power plants. And they’ve acknowledged that computer-based attacks will likely be part of any new conflicts, possibly as a first strike that opens the door for a bombing or other kind attack.
The above reference to the published cases was not intended to comment on the motives and aspirations of those mentioned antisec groups. The aim was to demonstrate the extent of diversification of technological evolution and the size and volume of targeting infrastructures.
All the above indicate strongly the need for sustained work and cooperation on the level of international organizations to define responsibilities, develop updated security rules, retrain the staff at all levels of the organizations structure and ultimately to reshape the common sec policies to address these forms of cyberwarfare.
1. Hacker attacks show vulnerability of cloud computing| By David Sarno and Salvador Rodriguez | Los Angeles Times, June 17, 2011
2. Attacks on websites spark demand for cyber-security experts, By Salvador Rodriguez, Los Angeles Times, July 5, 2011
3. Anonymous attacks Turkish websites again IDG News Service By John Ribeiro, July 7, 2011
4. North Korea Blamed For Cyberattack On U.S. & South Korea| Report, Associated Press writer Jordan Robertson contributed to this report.