Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

6/3/2008
08:36 PM
George V. Hulme
George V. Hulme
Commentary
50%
50%

Hezbollah Has Hacking Chops

Michael Chertoff, Homeland Security secretary, recently stated that Hezbollah is the greatest threat to U.S. national security. And Western intelligence agencies are increasingly taking the organization's cyberattack skills more seriously. What do you think their targets would be?

Michael Chertoff, Homeland Security secretary, recently stated that Hezbollah is the greatest threat to U.S. national security. And Western intelligence agencies are increasingly taking the organization's cyberattack skills more seriously. What do you think their targets would be?The topic of cyberwarfare reared its head again in this DefenseTech.org post. There's been talk about cyberwar for quite some time. Kevin Coleman writes that a 2002 CIA report noted that several groups were beginning to plan attacks on Western networks. I wrote this cover story about cyberwarfare on the eve of the Iraqi war.

Today, Coleman cites a number of estimated Hezbollah capabilities:

Equipment: Hezbollah possesses up-to-date information technologies -- broadband wireless networks and computers.

Cyber Capabilities: Global Rating in Cyber Capabilities -- Tied at Number 37 Hezbollah has been able to engage in fiber optic cable tapping, enabling data interception and the hijacking of Internet and communication connections.

Cyber Warfare Budget: $935,000 USD

Offensive Cyber Capabilities: 3.1 (1 = Low, 3 = Moderate and 5 = Significant)

Cyber Weapons Rating: Basic -- but developing intermediate capabilities

The post goes on:

Using new hacking techniques, taking advantage of security vulnerabilities, and using simple, proven cyberattack methods, terrorists have the capability to attack us in ways not seen before. Key infrastructure systems that include utilities, banking, media/TV systems, telecommunications, and air traffic control systems have already been compromised. No one knows if cyber terrorists created trap doors and left logic bombs allowing them to easily bypass security systems and disrupt our critical infrastructure in coordination with traditional style attacks.

The notion that cyberterrorists have created trap doors, or left logic bombs behind in previous attacks, strikes me as a bit far-fetched. It's possible, and the recent alarm from the FBI about counterfeit Cisco routers is cause for concern. But IT systems change fairly quickly, and the utility of such digital plants wouldn't have a long shelf life, and couldn't be guaranteed to work when needed. I'm not sure what the "new" hacking techniques would be.

However, there's no doubt in my mind that cyberattacks against Western interests are going to supplement traditional warfare. They'll be used to attempt to disrupt financial networks, emergency responders, power, and other fundamental aspects of society.

The good news is that there's no secret nation-state or terrorist attack kit. I'm not aware of any super-duper denial-of-service attack capabilities that have yet to be unleashed. These attacks, if they happen at all, will most likely resemble the attacks against unpatched systems, or social engineering a user to somehow provide access. The odds of sustaining such an attack are in your favor, if you build a resilient architecture, with good security, risk management, and business-continuity procedures in place. In fact, any such attacks should be far less disruptive than the possible hacks, hurricanes, tornadoes, fires, or any other natural disaster you're already planning for.

The takeaway: If you're prepared for a sizable natural disaster, and already hardening your systems, you're as covered as you can be.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
COVID-19: Latest Security News & Commentary
Dark Reading Staff 9/21/2020
Hacking Yourself: Marie Moe and Pacemaker Security
Gary McGraw Ph.D., Co-founder Berryville Institute of Machine Learning,  9/21/2020
Startup Aims to Map and Track All the IT and Security Things
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/22/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
How IT Security Organizations are Attacking the Cybersecurity Problem
How IT Security Organizations are Attacking the Cybersecurity Problem
The COVID-19 pandemic turned the world -- and enterprise computing -- on end. Here's a look at how cybersecurity teams are retrenching their defense strategies, rebuilding their teams, and selecting new technologies to stop the oncoming rise of online attacks.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-15930
PUBLISHED: 2020-09-24
An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag.
CVE-2020-19447
PUBLISHED: 2020-09-24
SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter.
CVE-2020-3560
PUBLISHED: 2020-09-24
A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. The vulnerability is due to improper resource management while processing specific packets. An attacker could exploit this vulnerability by s...
CVE-2020-3509
PUBLISHED: 2020-09-24
A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. The vulnerability is due to insufficient error...
CVE-2020-3510
PUBLISHED: 2020-09-24
A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device. The vulnerability is due to insufficient error h...