Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

10/19/2009
10:45 AM
Fritz Nelson
Fritz Nelson
Commentary
Connect Directly
Facebook
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Full Nelson: The Growing Threat Of Cyberwarfare

Many more casualities will pile up, but policy and agreements will prove meaningless against today's anonymous cyberwarrior.

In light of the growing concern related to Google cyber attack, we're re-posting this column, which originally ran October 19, 2009.

Gladiators and jousters, Wild West gunslingers and kamikaze pilots, are long retired to history books and celluloid epics, each a reminder of war tactics from a bygone era. They're supplanted today by anonymous warriors--pseudonyms sitting in virtual garrisons, spying, probing, and launching attacks from non-descript buildings all over the world. This is not your father's war. It's not even your older brother's war. In cyberwarfare, there may be no victors, no spoils, just havoc, theft, and assault.

Those who cling mindlessly to notions of war driven by sovereignty and territorial conquest through armed forces should look no further than the specter of current events, where warlords live in caves and their henchmen strap on home-made explosives. Take shock value and terror and layer in the Internet's abstraction and suddenly those who hate or feel disenfranchised or seek wealth or yearn for sanity, or whatever else, gain instant targets and instant audience, and an almost-impossible cave to find.

New wars call for new rules and new definitions. Kris Herrin, chief security officer of Heartland Payment Systems, recently riveted banking industry veterans, as he often does when he folds his company's disastrous security breach inside out. The Russian hackers who breached Heartland and stole its data late last year outsource their malware development to India, have customer service guarantees, offer a help desk, and provide a fully automated attack platform (you can select a target and an attack method, much as you would customize a hand bag online).

It would be easy enough to label this cybercrime, but Russian civilians have engaged in cyberattacks against neighboring Georgia. During Herrin's talk, a Bank of America executive reminded the audience that the Department of Homeland Security revealed that Al-Qaeda had attacked banks worldwide to the tune of hundreds of millions of dollars to fund its operations. Cybercrime, or cyberwarfare? The Russian outfit that attacked Heartland breached 300 financial institutions. If they marched into America as armed militia, or took out electric grids with guns and tanks, would that be crime or war? The lines blur.

Fear and outrage followed North Korea's alleged infiltration of the Department of Justice and Federal Trade Commission computer systems. The U.S. reportedly hacked into Iran's systems early this decade to monitor that country's nuclear program. The New York Times reported that U.S. soldiers lured Al-Qaeda into a death trap by hacking into a computer and falsifying information. There are numerous reports on persistent probes from Chinese hackers into U.S. systems, including network operators penetrating several electric grids. Some government officials suspect China of building trapdoors (hidden code or altered physical layers) into the chips that run many of our computer systems.

Well-known security researcher Marcus Ranum argues that cyberwarfare doesn't exist, that cyberattacks only accompany a vast military invasion. Besides, what right-minded military would tolerate a weapon that could be disabled with a push of a button. And yet unmanned fighter drones capable of surveillance and strikes fly non-stop miles above Iraq and Afghanistan and regularly fall into automated holding patterns when pilots thousands of miles away lose Internet connectivity to the aircraft, cyberflanks exposed.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
RetiredUser
50%
50%
RetiredUser,
User Rank: Ninja
12/22/2016 | 4:21:09 AM
Bring Back the Full Nelson
First, I think the Full Nelson needs to make a comeback.  Just saying.  Second, while nobody "in the know" can argue with the points here, it isn't surprising that all these years later nothing's changed, and in fact it has gotten worse.  As tech becomes more independent and "autonomous" so does the illegal access by the hacker and cracker underground to this tech become ubiquitous.  And all the while our policies and procedures in business and government remain somewhat stagnant, inadequate and unapologetic about their inability to fully meet the cyber threats that we see reported on by the dozen, on the hour, every hour.  I equate it to the rise of hip-hop culture and the ease with which the youth bond to it and speak its language, but just when our President seemed able to communicate in that language and relate to the "now", our government is taking a step backward and the communication is lost again.  So are our driving standards and security narratives.  They need to get back to understanding the "now" and speaking the language of modern hackers.  Social engineering works both ways, and the sooner we see more InfoSec professionals with government job titles who look and speak like Aaron Swartz (R.I.P.) the sooner we'll see some ground gained in the battle against black hat hackers...   
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/21/2020
Cybersecurity Bounces Back, but Talent Still Absent
Simone Petrella, Chief Executive Officer, CyberVista,  9/16/2020
Meet the Computer Scientist Who Helped Push for Paper Ballots
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/16/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Latest Comment: Exactly
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4590
PUBLISHED: 2020-09-21
IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. IBM X-Force ID: 184650.
CVE-2020-4731
PUBLISHED: 2020-09-21
IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 188055.
CVE-2020-4315
PUBLISHED: 2020-09-21
IBM Business Automation Content Analyzer on Cloud 1.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the i...
CVE-2020-4579
PUBLISHED: 2020-09-21
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters. IBM X-Force ID: 184438.
CVE-2020-4580
PUBLISHED: 2020-09-21
IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted a JSON request with invalid characters. IBM X-Force ID: 184439.