International cyber spying rated as number one threat for 2008
- 04 December, 2007 08:05
A study was released yesterday warning of a rise in international cyber spying, labelling it the single biggest threat to the enterprise in 2008.
The annual McAfee Virtual Criminology Report examines emerging global cyber security trends, with imput from NATO, the FBI, SOCA and experts from leading industry groups and universities.
It claims governments across the globe are using the Internet for cyber spying and cyber attacks. This claim comes as a surprise as many security vendors have been shy about admitting to the prevalence of cyber spying by governments.
Despite all the hype about the need to protect critical infrastructure which was dominating headlines about six years ago, the issue has subsided in recent years with malware and phishing attacks creating havoc for the financial services industry.
The report said cyber targets include critical national infrastructure network systems such as electricity, air traffic control, financial markets and government computer networks
McAfee estimates 120 countries are now using the Internet for Web espionage operations.
McAfee senior vice president of product development, Jeff Green, said many cyber attacks originate from China.
Green said the Chinese government has publicly stated that it is pursuing activities in cyber espionage.
He said cyber assaults have become more sophisticated in their nature, designed to specifically slip under the radar of government cyber defenses.
"Attacks have progressed from initial curiosity probes to well-funded and well-organized operations for political, military, economic and technical espionage," Green warned.
"Cybercrime is now a global issue. It has evolved significantly and is no longer just a threat to industry and individuals but increasingly to national security.
"We're seeing emerging threats from increasingly sophisticated groups attacking organisations around the world. Technology is only part of the solution, and over the next five years we will start to see international governments take action."
David Vaile, executive director of the Cyberspace Law and Policy Centre at the University of NSW, said it is difficult to measure cyber spying because there are so many denials.
But he said the recent cyber war in Estonia is proof of the growth in Web espionage.
The attack took the form of coordinated mass requests for information and spam e-mail which slowed down key Web sites so they did not function or crashed due to the attacks. Web sites were crippled across the country and while Russian hackers were accused of being involved in the attacks, analysis of the malicious traffic showed computers from the US, Canada, Brazil and Vietnam were used.
The cyber war was the result of a political disagreement about a Soviet war memorial the Estonian government is seeking to relocate.
Vaile said western countries are certainly developing capabilities and skills in this area.
The study also identified genetically modified 'super' threats claiming there is a new level of complexity in malware not seen before.
These 'super-strength' threats are more resilient, are modified over and over again like recombinant DNA, and contain highly sophisticated functionality such as encryption draw. Nuwar ('Storm Worm') was the first example, and experts say there will be more examples in 2008.
A new target for cybercriminals is Voice over IP (Internet Protocol) software. In Japan, 50 percent of all data breaches have been via peer-to-peer software.
The study also warned a sustained cyber attack on banks could severely damage public trust in online banking and put the brakes on e-commerce.
Cybercriminals are also providing a new level of customer service. This underground economy already includes specialised auction sites, product advertising and even support services, but now competition is so fierce that 'customer service' has become a specific selling point.
For example, the cost of renting a platform for spamming has dropped, and criminals can now buy custom-written Trojans built to steal credit card data.
The 'white market' that exists to buy and sell software flaws (back-door vulnerabilities with no available patch to fix them) is fuelling a virtual arms trade in potentially significant security threats.
Software flaws can fetch big money -- up to US$75,000, and experts believe that while this white market exists there is an increasing danger of flaws falling into the hands of cybercriminals.