Will 2012 be the year of the cyberwar?

We have plenty of evidence that online battlefields between nations aren't beyond reality

The cyberwar discussion is mired in confusion.

What defines an act of cyberwar? Is it a sophisticated hack from China or Russia that shuts down the US power grid? Is it a rogue group like Anonymous breaking into government sites? Is it all the spying China has been doing for several years now? And what about Stuxnet and Duqu? Were those creations an act of war by the US and Israel against Iran? Does a cyberwar involve government and military sites only or does it include the networks of private enterprise as well?

The debate will continue to limp along in 2012. Don't expect a clearer definition, because you probably won't get one. Still, on a much smaller, targeted scale, we have plenty of evidence that online battlefields between nations aren't beyond reality. Instead of waiting for the perfect metrics and verbiage, we may as well accept that the tools and know-how exist for cyberwar and plan our defenses accordingly.

Spy vs. spy

Clearly, governments have been using hackers to spy on other countries via weaknesses in computing infrastructure for years now. Back in 2009, colleague Grant Gross wrote about cyberspies from China, Russia and elsewhere gaining access to the US electrical grid and installing malware tools designed to terminate service. One could interpret those actions as an act of war, though it's difficult to know for certain what the motives are.

Just a couple weeks ago, colleague Jeremy Kirk wrote about a report in which the Office of the National Counterintelligence Executive warned of more aggressive spying in the coming months. Specifically, he wrote, the US can expect more aggressive efforts from countries such as Russia and China to collect information through cyberespionage in areas such as pharmaceuticals, defense and manufacturing.

"Chinese actors are the world's most active and persistent perpetrators of economic espionage," the report said. "Russia's intelligence services are conducting a range of activities to collect economic information and technology from US targets."

Lack of preparation

George V. Hulme has spent a lot of time researching the issue this past year. He once asked, "If Stuxnet was an act of cyberwar, is the US ready for a response?"

The short answer from security experts was no.

"The biggest challenge we face isn't that we're not ready for a Stuxnet. The biggest problem we face is that we're not really ready for anything. If you were to do a pen test - and there's plenty of research out there to support this - most utility companies are extremely vulnerable," says Eric Knapp, director of critical infrastructure markets at NitroSecurity.

We got a reminder of that reality last week, when hackers reportedly launched a digital attack that destroyed a water pump in Springfield, Illinois, then took aim at the SCADA system of Houston's water supply network.

What to do?

Fortunately, there are already steps we can take to harden our defences. David Marcus, director of security research at McAfee, wrote about the incidents in his blog, saying it's no more difficult to attack a SCADA network or system than it is to attack any other system. It's always just a matter of time, he writes, adding:

"Certainly we may see more SCADA-based or SCADA-focused attacks in the future. Attackers tend to target systems that can be successfully compromised, and recent history has shown that these systems are at least as vulnerable as other types of networked systems." But that isn't really the point, he said. "In my mind, the second question often morphs into 'How do we know they are not already compromised and actively under attack now?'"

Assuming we are, he suggested a few things individual SCADA admins can do:

  • Include "cyber" in all risk management
  • Set up extensive penetration testing
  • Set up extensive counter-social engineering training
  • Put a SCADA-specific CERT plan and team in place
  • Network with law enforcement at all levels
  • Expect to get attacked and take appropriate countermeasures

Though this advice was offered to SCADA admins, it applies to the wider challenges of protecting network infrastructure.

Know what you're talking about

The greatest challenge, perhaps, is getting our definition of cyberwar straight. I'm one of the first to admit that I don't have my own act together on this yet. But as I work on that, I have plenty of good resources to draw from. One is a column Brian Krebs wrote around this time last year called "The cyberwar will not be streamed."

In it, he warned against the careless use of cyberwar terminology in the wake of Wikileaks. He wrote:

I hope the media will exercise a bit more restraint in tossing around volatile terms like cyberwar, particularly to describe the antics of a group that has a well-earned reputation for attention-grabbing stunts and lampooning just about everything. At best, such flattery may only encourage copycat attacks; at worst, it trivialises the far more serious issues raised by the Wikileaks scandal.

One thing is certain about the coming year. Whether or not we can see things that are easily defined as cyberwarfare, things will no doubt be getting more interesting. Hopefully, we're better prepared than this time last year.

