Cyber cold war threatens us all
Date: December 31, 2007Source: Wimmera.Yourguide.com.au
By:
... and that incident serves as a warning for other nations. The report calls the Estonia attack in April 2007 "the first real example of nation states flexing their cyber-warfare capabilities".
Estonian computers for government, banks and news organisations were hit with what is known as a distributed denial of service attack - that is, they were bombarded with so many requests they couldn't function.
What was suspicious was that the attack came during a heated dispute between Estonia and Russia over the removal of a Soviet statue in Tallinn, Estonia's capital. The attacks harnessed 20,000 networks of compromised computers in the United States, Canada, Vietnam, Brazil and elsewhere.
The director of Estonia's Department of Communication and Information Technology, Mikhel Tammet, was indignant at the time, saying: "It was a political campaign induced by the Russians, a political campaign designed to destroy our security and our society."
After several weeks, the attacks on Estonia's networks suddenly ceased. Russia vigorously denied any involvement and none can be proved, but the warning stands regardless of who was behind it.
Gary Gill, a partner in KPMG's forensic area, says corporate espionage is also on the rise. "We see and hear of a lot more attacks via the internet, phishing emails, people hacking into systems. One can only imagine that kind of stuff will get worse," he says.
He does, however, praise the work being done by Australian companies to thwart these activities.
"When you look at how the banks in particular deal with phishing emails and that kind of stuff, I would have to say they are probably up there among the best in the world."
Australian businesses have been quick to respond when attacks occur and have been clever in anticipating attacks that can then be shut down in advance, he says.
Sentonas agrees. The dangers here, while real, are not insurmountable - "Australia is well aware of internet-based and cyber crime, and organisations are quite mature in dealing with a lot of these threats" - but he stresses the responsibility rests not just with governments and big businesses.
The Estonian experience of harnessing thousands of unprotected PCs as "zombies" or "bots" reinforces the importance of individuals protecting their home computers from being used for such purposes. With even a $1500 home computer now able to send out 1 gigabtye of traffic a second, the dangers quickly become apparent, Sentonas says.
"If you multiply that across 100,000 machines, you've got a sizeable denial of service account that nearly every network on the internet would struggle to deal with," he says.
As an absolute minimum, he says, home PCs should be protected by anti-virus software, anti-spyware and a firewall.
David Vaile, the executive director of the Cyberspace Law and Police Centre at the University of NSW, was a contributor to the Virtual Criminology report. He believes it may be premature to blame China for the exploratory online attacks around the world, if only because the attacks are so difficult to pinpoint, but he agrees the problem is real.
"If you look at espionage generally, you can be quite sure various governments all around the world are developing both offensive and defensive capabilities in this area," he says.
As for Australia's efforts, little is publicly known. In part this is because such information is kept close to the chest and the more sophisticated the attack, the harder it is to investigate.
Vaile warns, however, that the proliferation of tools for hacking may prove a great equaliser as nations and political groups attack each other electronically.
"Many of the smaller and less-resourced intelligence services around the world would be in a position where instead of having to develop these sorts of skills themselves, they may well be able to buy them off the back of a truck, so to speak."
After several weeks, the attacks on Estonia's networks suddenly ceased. Russia vigorously denied any involvement and none can be proved, but the warning stands regardless of who was behind it.
Gary Gill, a partner in KPMG's forensic area, says corporate espionage is also on the rise. "We see and hear of a lot more attacks via the internet, phishing emails, people hacking into systems. One can only imagine that kind of stuff will get worse," he says.
He does, however, praise the work being done by Australian companies to thwart these activities.
"When you look at how the banks in particular deal with phishing emails and that kind of stuff, I would have to say they are probably up there among the best in the world."
Australian businesses have been quick to respond when attacks occur and have been clever in anticipating attacks that can then be shut down in advance, he says.
Sentonas agrees. The dangers here, while real, are not insurmountable - "Australia is well aware of internet-based and cyber crime, and organisations are quite mature in dealing with a lot of these threats" - but he stresses the responsibility rests not just with governments and big businesses.
The Estonian experience of harnessing thousands of unprotected PCs as "zombies" or "bots" reinforces the importance of individuals protecting their home computers from being used for such purposes. With even a $1500 home computer now able to send out 1 gigabtye of traffic a second, the dangers quickly become apparent, Sentonas says.
"If you multiply that across 100,000 machines, you've got a sizeable denial of service account that nearly every network on the internet would struggle to deal with," he says.
As an absolute minimum, he says, home PCs should be protected by anti-virus software, anti-spyware and a firewall.
David Vaile, the executive director of the Cyberspace Law and Police Centre at the University of NSW, was a contributor to the Virtual Criminology report. He believes it may be premature to blame China for the exploratory online attacks around the world, if only because the attacks are so difficult to pinpoint, but he agrees the problem is real.
"If you look at espionage generally, you can be quite sure various governments all around the world are developing both offensive and defensive capabilities in this area," he says.
As for Australia's efforts, little is publicly known. In part this is because such information is kept close to the chest and the more sophisticated the attack, the harder it is to investigate.
Vaile warns, however, that the proliferation of tools for hacking may prove a great equaliser as nations and political groups attack each other electronically.
"Many of the smaller and less-resourced intelligence services around the world would be in a position where instead of having to develop these sorts of skills themselves, they may well be able to buy them off the back of a truck, so to speak."
Add comment Email to a Friend