Acts of Terrorism vs. Cyber Threats: New Offense Scenarios

Thursday, February 02, 2012

Plagiarist Paganini


(Translated from the original Italian)

We are at an historical turning point today in the U.S., and the situation is similar all over the world: the threat of terrorist acts has been surpassed by cyber threats. At least, this is the opinion of FBI Director Robert Mueller.

Cyber crime, cyber-espionage, massive attacks, hacktivism, and the use of cyber weapons against critical infrastructure are all phenomena that are increasing in frequency and are able to induce more damage than a conventional act of terrorism.

Consider also that cyber crime is difficult to identify and can be perpetrated for a long period of time covertly with terrifying consequences.

In terms of security, last year we witnessed an escalation of cyber operations that on more than one occasion have distinguished themselves for their effectiveness and damage inflicted.

I speak for example of the numerous attacks by Chinese or Russian hackers against government and private computer facilities, and the incredible number of attacks committed by hacktivist groups like Anonymous in expressing their dissent against political decisions.

“I do not think today it is necessarily [the] number one threat, but it will be tomorrow,” Mueller said. “Counterterrorism — stopping terrorist attacks — with the FBI is the present number one priority. But down the road, the cyberthreat, which cuts across all [FBI] programs, will be the number one threat to the country.”

The message is clear: we are faced with a dangerous threat that is experiencing constant and impressive growth and that has serious offensive potential. The threat itself is complex in its genesis, as evidenced by the fact that we are dealing with a heterogeneous mix of risk factors that could lead to serious consequences concurrently.

Whether an attack comes from a hostile government or from citizens disgruntled with political decisions, the result is the same, and we must implement measures to contain such attacks. What is the level of preparedness of the major nations of the world against these cyber threats?

Israel, Finland and Sweden are the most prepared nations in terms of cyber defenses. Meanwhile, surprisingly, the countries with the most aggressive cyber strategies, like India, Iran and China, are facing serious difficulties, according to McAfee.

Consider that nations like Israel constantly undergo an impressive number of cyber attacks; an approximate estimate is around 1000 attacks every minute.

A good ranking depends on several factors, such as the implementation of technological countermeasures (e.g. firewalls, endpoint protection systems) and more complex matters including well-informed governance and education.

To fight the threat, it is essential first of all to establish solid cooperation between government and the private sector, which effectively controls about 80% of the critical national infrastructure.

The private sector is extremely vulnerable to cyber attacks and holds much of the intellectual property of a nation.

Russia and China are the countries responsible for the largest number of attacks designed to steal foreign intellectual property, trade secrets and national security information, which is the new frontier of espionage.

From a cyber security perspective, we have observed an exponential growth of threats. Consider that every day more than 60,000 new malware strains are identified, and with the same growth trend we have recorded continuous attacks by hacking groups targeting the main structures of a nation like the U.S.

Tracing those malware strains back to their origin, we have found that control servers are often located in China and that the intrusions mainly target firms in the defense industry. The Sykipot agent is a good case study for this.

What I personally care about most is the organizational capacity of groups of hackers and criminal organizations that use increasingly advanced technologies, to which they dedicate a continued focus in bringing about new improvements.

With regard to government-sponsored cyber threats, which are the most active countries? Researchers are convinced that the U.S. and China are the most active because they are by far the most frequent starting points for cyber attacks.

According to a report by the security firm NCC Group, the U.S. accounted for 22 percent of all the world's cyber attacks, while China was second with a 16 percent share. NCC estimates that the combined hacking attempts originating from the two countries cost the global economy roughly $44 billion.

Russia was in third place, responsible for 3.6 percent of attacks at a cost of roughly $4 billion in damages, followed by Brazil with 3.5 percent and Italy with 3.1 percent of the world's hacking activity. The impact on the global economy should therefore be the object of considerable attention by the major security firms, and the cybersecurity market is rapidly growing.

We have often discussed the crime industry, which operates by following well-defined processes and pursuing quality objectives like any big company. During the last couple of years we have had a long list of cyber attacks and more of them were similar to the data breaches at RSA and Symantec.

Also don't forget the operations conducted by Anonymous, like the intrusion and data breach in the systems of cybersecurity firm HBGary, in which more than 50,000 emails were exposed.

Regarding cyber security, there is still an open debate on a global scale: cyber threats have no countries and no names, and are an invisible enemy that could be dammed only with cooperation and awareness of entire populations.


Cross-posted from Security Affairs
