Tell us your opinions on cyberwarfare and you could win a rather cool pocket-sized X-mini II travel speaker!
As we discussed earlier this year in the Sophos Security Threat Report 2010 [PDF], a third era of malware appears to have well and truly arrived.
Hacking and virus writing began as hobbyist activities, often with the intention to show how smart the perpetrator was rather than to benefit financially. It was the time of Green Caterpillars munching the contents of your screen or letters cascading down your monitor like raindrops.
Cybercrime was a nuisance and could still cost your company money in terms of clean-up and recovery, but was typically designed with mischief and mindless vandalism in mind rather than money.
However, the threat evolved into organised criminal activity, with the lure of huge amounts of money driving gangs to steal identities, create botnets, and advertise shady goods to the masses via spam for significant financial rewards.
But in the last few years we’ve begun to see something new. The money-grabbing online gangs haven’t been replaced, but there does appear to be more and more evidence that they have been joined by those who wish to use malware and the internet to gain commercial, political, economic and maybe even military advantage over rivals.
Here’s a short list of just some of the many stories we’ve covered in recent years on this topic:
- Oil companies attacked by hackers
- Adobe confirms it was also hit in ‘Chinese’ hack
- Google points finger at China after hack attack
- Mossad hacked Syrian laptop before bombing nuclear facility
- Republican urges Obama to launch cyber attack against North Korea
- Does the UK attack other countries in cyberspace?
- Is there a cyberwarfare unit operating out of North Korea?
- North Korean agent jailed after South Korean spyware attack
- South Korea’s military command and control centre targeted in North Korean spyware attack
- Conflict between Russia and Georgia turns to cyber warfare
- Belgium accuses Chinese government of cyber-espionage
- India claims Chinese hackers attacked government networks
- Germany accused of deploying spyware against Afghan ministry
- Was Australian PM targeted by Chinese hackers?
- Businesses warned by MI5 of Chinese espionage threat
- Fingers pointed at Chinese military after hacking reports
- Critical infrastructure organisations targeted by hackers
Here at Sophos we’re not big fans of loose ends, and the problem with many of these stories is that the proof that an attack was sponsored by a foreign country’s government or military agency has always been hard to find.
After all, we all know that over 99% of all spam is sent from compromised computers, under the control of remote hackers. If hackers can instruct an innocent person’s PC to spew out bulk email, they could also use it as a springboard for a hack or a denial-of-service attack.
To put it most simply: a hacker can be based in Birmingham, but use a computer in Beijing to break into another country’s government network, deface a website, or spread malware. If your computer is poorly protected, a cybercriminal could take advantage of it to assist them in an economic/political/military attack.
But let’s not be naive. I find it impossible to believe that countries would consider the internet and spyware “off-limits” as a tool for espionage. Countries are spying on each other all across the world for political, commercial and military advantage – and they would be crazy not to exploit the power of the internet to increase their chances of success.
Regular visitors to the Clu-blog will no doubt remember reading about “GhostNet”, which examined claims that the Chinese spied against organisations including the Tibetan government-in-exile and the private office of the Dalai Lama.
The same researchers published a new white paper this week, entitled “Shadows In The Cloud: Investigating Cyber Espionage 2.0”, which claims to have uncovered a “complex cyber-espionage” network that penetrated a number of organisations, including the United Nations, embassies, and the Office of the Dalai Lama once more.
The white paper claims that at least 1500 emails were stolen from the Dalai Lama’s office, in an attack said to have originated from the Chinese city of Chengdu.
Once again, it’s hard to prove that these attacks were sponsored by the Chinese government or military – proving that would probably require physical access to the computers in Chengdu at the very least.
What I would be interested in, however, is hearing your views of cyberwarfare. Do you think it’s acceptable for a country to spy and attack another via the internet? How about a DDoS attack? Is your country doing enough to protect itself from cyberwarfare attacks? Who do you think poses the biggest threat?
Help us find out by taking the survey now – and we’ll put you in the hat for one of ten X-Mini II travel speakers.
Thanks for responding!