Top Cyber Security Trends, Breaches, and Observations

 

According to David Hunter Tow, Cyber attacks are becoming increasingly common across the globe. Many Fortune 2000 companies as well as government agencies around the world are under frequent cyber attack of their core systems and services.

Cybercrime is a generic term for the illegal incursion and disruption at the national, enterprise and community level, of both cyber and physical assets. 

Cyber Vs. Physical Assets Defined

Cyber assets include the key information and knowledge resources including the data, policies, reports, IP, algorithms and applications, programs and operational procedures, that a modern society in the 21st century relies on to operate and manage its business.

Physical assets may include those objects and services controlled by computers and increasingly connected to the Internet. These include infrastructure, manufacturing and production machinery, industrial control and communication centers, security systems, medical devices, electricity grids and meters, vehicles and transport systems as well as billions of consumer and industrial electronic devices. 

Cybercrime is a relatively new phenomenon but because of its recent scale and game-changing implications for both government and industry it is rapidly becoming the dominant risk theme of the 21st century.

The opportunity for cyber attacks grows daily as corporations and governments continue to amass information about individuals in complex networks across the Web. At the same time new generations of cyber activists, some motivated purely by money and others by the desire to expose and destabilize corporations and governments, continue to hack into organizational secrets.

No enterprise, no matter how small or benign, will ever be safe from attack in the future, with an estimated 250,000 site breaches reported in the last few years. 

Some of the more high profile ones include:

1. EMC's RSA Security unit

2. The Public Broadcaster PBS

3. Sony's PlayStation network

4. Apple administration password database

5. The International Monetary Fund

6. South Korea's largest banks

7. The Spanish Police

8. US Senate

9. Texas Police Department

10 The CIA

11.Turkish and Malaysian governments

12.Google's Gmail

13.The Nokia forum site

14. Citibank's Credit Card accounts.

 

Losses Due to Cybercrime

In the latest Norton Cybercrime Report, it was reported that breaches of various types claimed 431 million adult victims last year, with 73% of adults in the US alone incurring estimated financial losses of $US 140 billion.

 As a criminal activity, cyber incursion is now almost as lucrative as the illegal drug trade. The total cost last year, including lost productivity and direct cash losses resulting from cyber attacks associated with viruses, malware and identity theft is estimated at $US 388 billion.

Top Cybercrime Technologies

The security firm McAfee report listed a range of cybercrime technologies deployed including: 

1. denial of service attacks

2. malware

3. spam

4. phishing

5. social site engineering

6. mobile phone viruses

7. botnets and phone sms Trojan messages

 

Latest Trends and New Developements in Cyberwarfare

 

1. Recently there have been documented cases of hacking drones. These are remote controlled aerial vehicles which can automatically detect and compromise wireless networks. The operate by locating a weak spot in a corporate internet connection. 

2. The first flaws in the advanced encryption standard used for internet banking and financial transactions as well as Government secure transmission have been discovered.

3. Security experts from McAfee have discovered the biggest series of cyber attacks to date. These involve infiltration of the networks of 72 organizations around the world. Included in these attacks are the UN, the governments of the US, Taiwan, India, South Korea, Vietnam and Canada, ASEAN, the International Olympic committee and an array of companies from defense contractors to high tech enterprises including Google. The most disturbing fact is that most of the victims unaware of the breaches.

These attacks represent a massive loss of economic advantage and possibly the biggest transfer of IP wealth in history. 

Currently every company in every industry of significant size, with valuable IP, contracts or trade secrets is potentially under attack. This will inevitably extend to smaller organizations such as strategic hi-tech start-ups. 

At the national level it involves exposure of sensitive state secrets including policy intentions and decisions covering all levels and functions of Government such as trade, defence and industry policy.

The stakes are huge; a challenge to economies and global markets. From both an enterprise and State perspective therefore this is an intolerable situation; but because it has exploded at such speed, the response to date has largely been fragmented and ineffective.

But this is about much more than ruthless criminal intent to pillage credit cards, steal trade data or bring down unpopular sites. On a global scale, cybercrime has the potential to morph into full blown Cyberwar! 

Three Main Groups of Hackers

1. The State sponsored hackers include China, Iran, Russia, Estonia, Israel. They are increasing the cyberwar stakes with its Stuxnet attack on the 

nuclear facilities of Iran, Indonesia, North Korea and Syria. Simultaneously, dictatorial regimes across the world, from Syria to Saudi Arabia have introduced extreme punitive measures to monitor and control access by dissidents, particularly during the Arab Spring. 

At times they have often coerced US and European technology companies to assist them, including Siemens- in the cross-hairs for assisting the autocratic Government of Bahrain track down dissidents.

2. The White hats are independent freelance hacker groups such as Anonymous/LulzSec. Their aim according to their manifesto is to expose the corruption and greed inherent in the playbooks of big business and rogue regimes powered by hyper-capitalism and intent on plundering the natural resources of the planet. They also support whistle-blower groups such as WikiLeaks and social activist groups in general.

 

3. The Black hats have much more clearly defined goals, from overtly criminal to destructive and anarchistic. They are aiming their attacks primarily on the Midas riches of credit card and financial databases across the globe, at the same time as China and Russia are hacking other Government's IP, email and trade secrets. 

Cyber Hackers now make up a complex substratum of social crime, composed of an ad hoc combination of hackers and security experts, each with a fiercely competitive agenda. But already fragmentation is extending to inter-cyber warfare between these rapidly evolving networks of dysfunctional society, at the same time overlapping with global terrorist groups.

The world's superpowers have already begun to introduce new cyber-policies to desperately protect their intellectual property, infrastructure and financial assets, as well control the flow of information within their populations- but is already bogged down.

The world is no longer a safe place. As an IT professional is your organization prepared for the inevitable cyberattack?

 

 

Note: portions of this article are adopted from a blog authored by David Hunter Tow on Cyberwarfare.

 

 

 

Enjoyed the article?

Sign-up for our free newsletter to kick off your day with the latest technology insights, or share the article with your friends and contacts on Facebook, Twitter or Google+ using the icons below.


E-mail address

Comments



White Papers