Risk
10/19/2009
10:45 AM
Fritz Nelson
Fritz Nelson
Commentary
Connect Directly
Facebook
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Full Nelson: The Growing Threat Of Cyberwarfare

Many more casualities will pile up, but policy and agreements will prove meaningless against today's anonymous cyberwarrior.

In light of the growing concern related to Google cyber attack, we're re-posting this column, which originally ran October 19, 2009.

Gladiators and jousters, Wild West gunslingers and kamikaze pilots, are long retired to history books and celluloid epics, each a reminder of war tactics from a bygone era. They're supplanted today by anonymous warriors--pseudonyms sitting in virtual garrisons, spying, probing, and launching attacks from non-descript buildings all over the world. This is not your father's war. It's not even your older brother's war. In cyberwarfare, there may be no victors, no spoils, just havoc, theft, and assault.

Those who cling mindlessly to notions of war driven by sovereignty and territorial conquest through armed forces should look no further than the specter of current events, where warlords live in caves and their henchmen strap on home-made explosives. Take shock value and terror and layer in the Internet's abstraction and suddenly those who hate or feel disenfranchised or seek wealth or yearn for sanity, or whatever else, gain instant targets and instant audience, and an almost-impossible cave to find.

New wars call for new rules and new definitions. Kris Herrin, chief security officer of Heartland Payment Systems, recently riveted banking industry veterans, as he often does when he folds his company's disastrous security breach inside out. The Russian hackers who breached Heartland and stole its data late last year outsource their malware development to India, have customer service guarantees, offer a help desk, and provide a fully automated attack platform (you can select a target and an attack method, much as you would customize a hand bag online).

It would be easy enough to label this cybercrime, but Russian civilians have engaged in cyberattacks against neighboring Georgia. During Herrin's talk, a Bank of America executive reminded the audience that the Department of Homeland Security revealed that Al-Qaeda had attacked banks worldwide to the tune of hundreds of millions of dollars to fund its operations. Cybercrime, or cyberwarfare? The Russian outfit that attacked Heartland breached 300 financial institutions. If they marched into America as armed militia, or took out electric grids with guns and tanks, would that be crime or war? The lines blur.

Fear and outrage followed North Korea's alleged infiltration of the Department of Justice and Federal Trade Commission computer systems. The U.S. reportedly hacked into Iran's systems early this decade to monitor that country's nuclear program. The New York Times reported that U.S. soldiers lured Al-Qaeda into a death trap by hacking into a computer and falsifying information. There are numerous reports on persistent probes from Chinese hackers into U.S. systems, including network operators penetrating several electric grids. Some government officials suspect China of building trapdoors (hidden code or altered physical layers) into the chips that run many of our computer systems.

Well-known security researcher Marcus Ranum argues that cyberwarfare doesn't exist, that cyberattacks only accompany a vast military invasion. Besides, what right-minded military would tolerate a weapon that could be disabled with a push of a button. And yet unmanned fighter drones capable of surveillance and strikes fly non-stop miles above Iraq and Afghanistan and regularly fall into automated holding patterns when pilots thousands of miles away lose Internet connectivity to the aircraft, cyberflanks exposed.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Christian Bryant
50%
50%
Christian Bryant,
User Rank: Ninja
12/22/2016 | 4:21:09 AM
Bring Back the Full Nelson
First, I think the Full Nelson needs to make a comeback.  Just saying.  Second, while nobody "in the know" can argue with the points here, it isn't surprising that all these years later nothing's changed, and in fact it has gotten worse.  As tech becomes more independent and "autonomous" so does the illegal access by the hacker and cracker underground to this tech become ubiquitous.  And all the while our policies and procedures in business and government remain somewhat stagnant, inadequate and unapologetic about their inability to fully meet the cyber threats that we see reported on by the dozen, on the hour, every hour.  I equate it to the rise of hip-hop culture and the ease with which the youth bond to it and speak its language, but just when our President seemed able to communicate in that language and relate to the "now", our government is taking a step backward and the communication is lost again.  So are our driving standards and security narratives.  They need to get back to understanding the "now" and speaking the language of modern hackers.  Social engineering works both ways, and the sooner we see more InfoSec professionals with government job titles who look and speak like Aaron Swartz (R.I.P.) the sooner we'll see some ground gained in the battle against black hat hackers...   
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: You are infected!  @malwareunicorn to the rescue...  
Current Issue
Security Operations and IT Operations: Finding the Path to Collaboration
A wide gulf has emerged between SOC and NOC teams that's keeping both of them from assuring the confidentiality, integrity, and availability of IT systems. Here's how experts think it should be bridged.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.

Dark Reading Radio
Archived Dark Reading Radio
In past years, security researchers have discovered ways to hack cars, medical devices, automated teller machines, and many other targets. Dark Reading Executive Editor Kelly Jackson Higgins hosts researcher Samy Kamkar and Levi Gundert, vice president of threat intelligence at Recorded Future, to discuss some of 2016's most unusual and creative hacks by white hats, and what these new vulnerabilities might mean for the coming year.