Add cyber espionage to the list of Internet threats the government may need to watch out for in 2008.
That’s according to Santa Clara, Calif.-based security vendor McAfee Inc. based on latest findings from its annual Virtual Criminology Report. The report cited an estimated 120 countries that are using the Internet for Web espionage operations, in what security analysts are calling a “cyber cold war.”
Cyber espionage, according to David Marcus, security research and communications manager for McAfee Avert Labs, is the cyber equivalent of the practice of spying to gather data.
“That can take a lot of different forms and methods through the Internet,” said Marcus. “It can be as simple as scanning someone’s server to get information about what it is or what the operating system is or it can be as difficult as capturing their traffic to see what they’re talking about.”
According to the McAfee report, governments and allied groups are using the Internet for cyber spying and cyber attacks. Such attacks target critical infrastructure network systems such as electricity, air traffic control, financial markets and government computer networks.
The report even went further by stating that Web espionage is “now a growing threat to national security,” as it becomes increasingly advanced, moving from curiosity probes to well-funded and well-organized operations for political or technical gain.
“It really makes sense when you think about it from the point of view of a person who wants to engage in (cyber espionage), the Internet is a great enabler of spying and probing and finding information about potential targets,” Marcus said.
He cited previously reported incidents of distributed denial-of-service (DDOS) attacks that targeted several national Web sites of the Estonian government early this year. Last June, a hacker managed to penetrate an e-mail system being used by the U.S. Pentagon, taking down up to 1,500 e-mail accounts.
Peter Sommer, an information systems expert with the London School of Economics, who contributed to the McAfee report, said, “There are signs that intelligence agencies around the world are constantly probing other governments’ networks looking for strengths and weaknesses and developing new ways to gather intelligence.”
Germany, India, New Zealand and Australia are also among governments reported to have suffered some form of cyber attack in the last 12 months, the McAfee report said.
Sommer further indicated that government agencies are, without doubt, conducting research on how botnets can be turned into offensive weapons. Botnets are a network of infected computers that a hacker has control and access to. They’re typically used for mass distribution of spam or for launching DDOS attacks.
“DDOS attacks will remain a problem for public-facing government Web sites, but internal sites are usually easier to protect,” Sommer said.
David Senf, director of Canadian security and software research with IDC Canada, said data leakage and data loss prevention will be top-of-mind for IT executives in 2008, not only in the public sector, but also in the financial services sector and the Canadian mid-market in general.
It may be difficult to attain 100 per cent protection when it comes to data security, but having the ability to make risk assessments is key, Senf said.
“The point is to assess how much of a given technology and given policies you need to put in place in order to be as secure as you can, which means doing risk assessment and understanding what your security posture is and should be,” he said.
He added that while the Canadian federal and provincial government sectors are “looking better relative to other industries and relative to the insecurity of the mid-market,” more work needs to be done with public sector security, particularly in the areas of identity and access management, network access control and data encryption.
He added that use of data encryption technology is increasingly becoming a focus in the government sector.
“When we look at the Canadian government and their focus on PIPEDA (Personal Information Protection and Electronic Documents Act), there is strong focus on ensuring that citizen data is protected, but there is still work to be done,” Senf said.
Related content:
Cyber attack prompts US to send team to Estonia