Arms race in cyber age

K. V. KURMANATH Updated - July 20, 2012 at 09:10 PM.

If George Lucas were to make another sci-fi film, he would surely move away from the Star Wars series and explore a fresh movie series on Cyber Wars. The new-age wars have become more interesting, intriguing and exciting, as attackers can launch devastating attacks using their computers while sitting in nondescript, godforsaken locations.

Governments, corporates and small-time ethical hackers are building intelligence and counter-intelligence capabilities to smell, pre-empt and, if need be, launch counter-attacks to maim the attackers. Some Governments have set up undercover control rooms to develop advanced tools to cause untold loss to enemy countries.

The challenge is no longer a matter of someone sending abusive emails to tarnish the image of the targeted people, or morphing, or sending lottery-prize-winning emails.

Read these examples:

* The Nitro attack is focused on the chemical sector. The objective is to obtain sensitive documents such as proprietary designs, formulas, and manufacturing processes.

* Stuxnet is an electronic worm designed to target industrial control systems used to monitor and run large-scale industrial facilities. Its real aim is to manoeuvre the physical equipment attached to specific industrial control systems, making the systems work on the commands of the attacker. India was home to the third-highest number of Stuxnet infections, the Internet security solutions firm Symantec says.

The DNS Changer saga is a case in point, and it made a good section of netizens come out of their slumber. They have realised that Internet security warnings are no longer just ‘gyan’ sessions of the kind they ignored for long.

It created havoc across the globe, particularly in some top G-20 countries, though it was only a handful of hackers sitting in the East European country of Estonia who had taken control of lakhs of computers. Their modus operandi was this: they spread malware in the form of malicious mails.

If you click on it, you have invited trouble. The virus crawls into your Internet settings and changes the DNS (Domain Name System) number. This number points your computer to the servers that help computers converse by converting Internet addresses into numbers. The changed number would drive the traffic to fake sites hosted on rogue servers.

Once hijacked, these servile computers would become money-churning machines, through more clicks on the wrong ads and in other ways.

The US Federal Bureau of Investigation took control of the servers and replaced them with genuine ones, so that the infected computers could continue to access the Internet and Internet Service Providers could clean up the infected computers.

This FBI action has generated worldwide interest, a la the Skylab satellite fall three decades ago. Internet security experts, however, say that this is only a trailer. A lot of stealth attacks by State actors (Governments) and non-State actors have caused immense financial damage. They targeted Government utilities, corporates and ‘rogue’ nations.

Freedom-loving activists too are playing their bit in this space. Strongly opposed to Governments' authoritarian moves to restrict Internet freedom, these hacktivist (activists who are ethical hackers) groups are launching debilitating attacks on public and private computer networks to, as they call it, deny services (to those who come to the target websites for information and services).

Intelligence Issues

RSA, a security solutions firm, has asked corporates to develop a strong intelligence-gathering network. It is not just Governments that require intelligence. Corporates too need to stay ahead (of attackers).

“The tempo and serious nature of recent attacks calls for urgent and bold countermeasures that position organisations not only to detect advanced threats, but also to predict how attacks may occur,” Mr Art Coviello, Executive Chairman of the US-based RSA, says.

Early this year, it convened a meeting of top Chief Information Officers to bring out the Security for Business Innovation Council (SBIC) report. It contains specific recommendations on how to develop an intelligence-driven approach to counter advanced threats.

Based on the real-world experiences of 17 top global information security leaders, the report provides a playbook for enterprise security executives who wish to leverage the universe of intelligence data available to help detect, predict and mitigate cyber attacks.

Mr Tim McKnight, Vice-President and Chief Information Security Officer of Northrop Grumman, says you may not see any losses quarter-by-quarter. “It could be years until you see the losses – when all of a sudden, out of the blue, a company in another part of the world becomes the leader in your space, having subsidised itself with your research and development investments,” he points out in the report.

Off the record, some security experts bring up the names of the countries that are attacking enemy countries and R&D, defence and military establishments.

“It is important to remember that although on the increase, targeted attacks are still very rare. Targeted attacks use customised malware and refined targeted social engineering to gain unauthorised access to sensitive information. We regard this as the next evolution of social engineering, where victims are researched in advance and specifically targeted,” a Symantec research said last week.

The Symantec Intelligence Report shows that 36 percent of all targeted attacks (58 per day) during the last six months were directed at businesses with 250 or fewer employees. This figure was 18 percent at the end of December 2011.

Research and consultancy firms such as McKinsey warn corporates that a poor response (to the danger signals) can be far more damaging than the attack itself.

“Can it happen to us?”

“All over the world, technology executives have been fielding this question from boards of directors and CEOs in the wake of highly publicised cyberattacks on large, well-respected companies and public institutions,” authors of the article on cyber attacks in McKinsey's latest quarterly magazine said.

“Yes is the only honest answer at a time when ever more value is migrating online, when business strategies require more open and interconnected technology environments, when attackers have always-expanding capabilities, and when attacks take advantage of limited security awareness among employees and customers. In fact, it may already have happened to you—but you may not know it,” they warn in the article.

kurmanath@thehindu.co.in

Published on July 20, 2012 14:01