top of page

Cyber-Attacks in the Media

Espionage is a lot like a biological virus. Spies find ways to gather information, and those with information that needs protecting – governments, large corporations and the like – eventually learn that their system is not secure and find new, better methods of protection. Then, the information gathering methods evolve to get around the new protections, and the process begins again. Today, espionage doesn’t merely resemble a biological virus – it often is a virus but of the technological variety.

In the last month, there has been a spate of cyber-crime reported in the media. Targets and methods used vary, as do the successes in repelling or responding to the attacks. Clearly, every major cyber-attack is not reported in the media, (in my own slightly cynical viewpoint, only the ones that will somehow further the aims of the victim are reported, unless the attacker wishes to brag). One certainty is that no matter the reporting statistics, the frequency of cyber-attacks is rising.

The most famous recent example of a cyber-attack is Stuxnet, the virus that allegedly destroyed over 100 centrifuges from Iran’s nuclear program in the fall of 2010. (NY Times, Israeli Test on Worm Called Crucial In Iran Nuclear Delay, Jan 15, 2011). The really interesting part of Stuxnet is the precision with which it was crafted. (Symantec Stuxnet Dossier) The code used in Stuxnet bespeaks lots of time, energy, money, and some very good software engineers, and those in the industry say it will be a long time before anyone outside of government or big business will have the resources to create another virus like Stuxnet. As for all the publicity it has received, Stuxnet reportedly set the nuclear program in Iran back at least as far, if not further, than a conventional military strike would have, and without any of the political consequences of a conventional strike. (NY Times, Israeli Test on Worm Called Crucial In Iran Nuclear Delay, Jan 15, 2011). This has opened up a new set of viable options for dealing with the growing specter of a nuclear Iran, which many see as a step in the right direction.

Iran is not the only recent target. In South Korea, a cyber-attack on March 4, 2011, was focused on denial of services, shutting down several servers and affecting more than 40 websites, some of them run by the government. (NY Times, In Cyberattack, Virus Infects 40 Websites in South Korea, March 4, 2011). The South Korean government asserts that they had adequate defenses in place, noting that this attack very closely resembled an attack from 2009. While this wasn’t clearly aimed at one group and doesn’t look profit-motivated, it did adversely affect many area businesses.

Canadian officials have also announced a recent attack on several of their government agencies, most notably the Department of Finance, discovered in late January 2011. There were detection measures in place, and the internet connections for all affected computers were quickly shut down, it hindered the operation of the departments, and it is doubtful that they will ever discover if any information was lost. (NY Times, Canada Hit By Cyber-Attack, February 17, 2011).Canada might seem like an unlikely target for a cyber-attack, but it appears that the persons responsible were not after government secrets or destruction of infrastructure so much as the chance to make money when the Department of Finance released the annual budget, which is typically kept secret so that no one can use the information to make a profit. (Canada Hit By Cyber-Attack).

The downside of all the convenience technology provides is that it is vulnerable in many different places, in many different ways, as the attacks above show.

The question is, who do you think has the upper hand at the moment?

Comments


bottom of page